diff options
author | gregory guy <[email protected]> | 2021-06-07 21:47:06 +0200 |
---|---|---|
committer | gregory guy <[email protected]> | 2021-06-07 21:47:06 +0200 |
commit | 75b27d415da062fc7df07bbdacafbf85c5952e69 (patch) | |
tree | 4b5b40b463bd70c656207a4405424cb38a8686bd /kopete/protocols/groupwise/libgroupwise/qca/src/tqca.cpp | |
parent | 71415aad02f1e60c8e3c788bd0d844e4da034eb4 (diff) | |
download | tdenetwork-75b27d415da062fc7df07bbdacafbf85c5952e69.tar.gz tdenetwork-75b27d415da062fc7df07bbdacafbf85c5952e69.zip |
Drop builtin tqca library.
Module tqca is expected as a dependency library by now.
Signed-off-by: gregory guy <[email protected]>
Diffstat (limited to 'kopete/protocols/groupwise/libgroupwise/qca/src/tqca.cpp')
-rw-r--r-- | kopete/protocols/groupwise/libgroupwise/qca/src/tqca.cpp | 1486 |
1 files changed, 0 insertions, 1486 deletions
diff --git a/kopete/protocols/groupwise/libgroupwise/qca/src/tqca.cpp b/kopete/protocols/groupwise/libgroupwise/qca/src/tqca.cpp deleted file mode 100644 index 5656addf..00000000 --- a/kopete/protocols/groupwise/libgroupwise/qca/src/tqca.cpp +++ /dev/null @@ -1,1486 +0,0 @@ -/* - * tqca.cpp - TQt Cryptographic Architecture - * Copyright (C) 2003 Justin Karneges - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ - -#include "tqca.h" - -#include <tqptrlist.h> -#include <tqdir.h> -#include <tqfileinfo.h> -#include <tqstringlist.h> -#include <tqlibrary.h> -#include <tqtimer.h> -#include <tqhostaddress.h> -#include <tqapplication.h> -#include <tqguardedptr.h> -#include <stdlib.h> -#include "tqcaprovider.h" - -#if defined(Q_OS_WIN32) -#define PLUGIN_EXT "dll" -#elif defined(Q_OS_MAC) -#define PLUGIN_EXT "dylib" -#else -#define PLUGIN_EXT "so" -#endif - -using namespace TQCA; - -class ProviderItem -{ -public: - TQCAProvider *p; - TQString fname; - - static ProviderItem *load(const TQString &fname) - { - TQLibrary *lib = new TQLibrary(fname); - if(!lib->load()) { - delete lib; - return 0; - } - void *s = lib->resolve("createProvider"); - if(!s) { - delete lib; - return 0; - } - TQCAProvider *(*createProvider)() = (TQCAProvider *(*)())s; - TQCAProvider *p = createProvider(); - if(!p) { - delete lib; - return 0; - } - ProviderItem *i = new ProviderItem(lib, p); - i->fname = fname; - return i; - } - - static ProviderItem *fromClass(TQCAProvider *p) - { - ProviderItem *i = new ProviderItem(0, p); - return i; - } - - ~ProviderItem() - { - delete p; - delete lib; - } - - void ensureInit() - { - if(init_done) - return; - init_done = true; - p->init(); - } - -private: - TQLibrary *lib; - bool init_done; - - ProviderItem(TQLibrary *_lib, TQCAProvider *_p) - { - lib = _lib; - p = _p; - init_done = false; - } -}; - -static TQPtrList<ProviderItem> providerList; -static bool qca_init = false; - -static bool plugin_have(const TQString &fname) -{ - TQPtrListIterator<ProviderItem> it(providerList); - for(ProviderItem *i; (i = it.current()); ++it) { - if(i->fname == fname) - return true; - } - return false; -} - -static void plugin_scan() -{ - TQStringList dirs = TQApplication::libraryPaths(); - for(TQStringList::ConstIterator it = dirs.begin(); it != dirs.end(); ++it) { - TQDir libpath(*it); - TQDir dir(libpath.filePath("crypto")); - if(!dir.exists()) - continue; - - TQStringList list = dir.entryList(); - for(TQStringList::ConstIterator it = list.begin(); it != list.end(); ++it) { - TQFileInfo fi(dir.filePath(*it)); - if(fi.isDir()) - continue; - if(fi.extension() != PLUGIN_EXT) - continue; - TQString fname = fi.filePath(); - - // don't load the same plugin again! - if(plugin_have(fname)) - continue; - //printf("f=[%s]\n", fname.latin1()); - - ProviderItem *i = ProviderItem::load(fname); - if(!i) - continue; - if(i->p->qcaVersion() != TQCA_PLUGIN_VERSION) { - delete i; - continue; - } - - providerList.append(i); - } - } -} - -static void plugin_addClass(TQCAProvider *p) -{ - ProviderItem *i = ProviderItem::fromClass(p); - providerList.prepend(i); -} - -static void plugin_unloadall() -{ - providerList.clear(); -} - -static int plugin_caps() -{ - int caps = 0; - TQPtrListIterator<ProviderItem> it(providerList); - for(ProviderItem *i; (i = it.current()); ++it) - caps |= i->p->capabilities(); - return caps; -} - -TQString TQCA::arrayToHex(const TQByteArray &a) -{ - TQString out; - for(int n = 0; n < (int)a.size(); ++n) { - TQString str; - str.sprintf("%02x", (uchar)a[n]); - out.append(str); - } - return out; -} - -TQByteArray TQCA::hexToArray(const TQString &str) -{ - TQByteArray out(str.length() / 2); - int at = 0; - for(int n = 0; n + 1 < (int)str.length(); n += 2) { - uchar a = str[n]; - uchar b = str[n+1]; - uchar c = ((a & 0x0f) << 4) + (b & 0x0f); - out[at++] = c; - } - return out; -} - -void TQCA::init() -{ - if(qca_init) - return; - qca_init = true; - providerList.setAutoDelete(true); -} - -bool TQCA::isSupported(int capabilities) -{ - init(); - - int caps = plugin_caps(); - if(caps & capabilities) - return true; - - // ok, try scanning for new stuff - plugin_scan(); - caps = plugin_caps(); - if(caps & capabilities) - return true; - - return false; -} - -void TQCA::insertProvider(TQCAProvider *p) -{ - plugin_addClass(p); -} - -void TQCA::unloadAllPlugins() -{ - plugin_unloadall(); -} - -static void *getContext(int cap) -{ - init(); - - // this call will also trip a scan for new plugins if needed - if(!TQCA::isSupported(cap)) - return 0; - - TQPtrListIterator<ProviderItem> it(providerList); - for(ProviderItem *i; (i = it.current()); ++it) { - if(i->p->capabilities() & cap) { - i->ensureInit(); - return i->p->context(cap); - } - } - return 0; -} - - -//---------------------------------------------------------------------------- -// Hash -//---------------------------------------------------------------------------- -class Hash::Private -{ -public: - Private() - { - c = 0; - } - - ~Private() - { - delete c; - } - - void reset() - { - c->reset(); - } - - TQCA_HashContext *c; -}; - -Hash::Hash(TQCA_HashContext *c) -{ - d = new Private; - d->c = c; -} - -Hash::Hash(const Hash &from) -{ - d = new Private; - *this = from; -} - -Hash & Hash::operator=(const Hash &from) -{ - delete d->c; - d->c = from.d->c->clone(); - return *this; -} - -Hash::~Hash() -{ - delete d; -} - -void Hash::clear() -{ - d->reset(); -} - -void Hash::update(const TQByteArray &a) -{ - d->c->update(a.data(), a.size()); -} - -TQByteArray Hash::final() -{ - TQByteArray buf; - d->c->final(&buf); - return buf; -} - - -//---------------------------------------------------------------------------- -// Cipher -//---------------------------------------------------------------------------- -class Cipher::Private -{ -public: - Private() - { - c = 0; - } - - ~Private() - { - delete c; - } - - void reset() - { - dir = Encrypt; - key.resize(0); - iv.resize(0); - err = false; - } - - TQCA_CipherContext *c; - int dir; - int mode; - TQByteArray key, iv; - bool err; -}; - -Cipher::Cipher(TQCA_CipherContext *c, int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad) -{ - d = new Private; - d->c = c; - reset(dir, mode, key, iv, pad); -} - -Cipher::Cipher(const Cipher &from) -{ - d = new Private; - *this = from; -} - -Cipher & Cipher::operator=(const Cipher &from) -{ - delete d->c; - d->c = from.d->c->clone(); - d->dir = from.d->dir; - d->mode = from.d->mode; - d->key = from.d->key.copy(); - d->iv = from.d->iv.copy(); - d->err = from.d->err; - return *this; -} - -Cipher::~Cipher() -{ - delete d; -} - -TQByteArray Cipher::dyn_generateKey(int size) const -{ - TQByteArray buf; - if(size != -1) - buf.resize(size); - else - buf.resize(d->c->keySize()); - if(!d->c->generateKey(buf.data(), size)) - return TQByteArray(); - return buf; -} - -TQByteArray Cipher::dyn_generateIV() const -{ - TQByteArray buf(d->c->blockSize()); - if(!d->c->generateIV(buf.data())) - return TQByteArray(); - return buf; -} - -void Cipher::reset(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad) -{ - d->reset(); - - d->dir = dir; - d->mode = mode; - d->key = key.copy(); - d->iv = iv.copy(); - if(!d->c->setup(d->dir, d->mode, d->key.isEmpty() ? 0: d->key.data(), d->key.size(), d->iv.isEmpty() ? 0 : d->iv.data(), pad)) { - d->err = true; - return; - } -} - -bool Cipher::update(const TQByteArray &a) -{ - if(d->err) - return false; - - if(!a.isEmpty()) { - if(!d->c->update(a.data(), a.size())) { - d->err = true; - return false; - } - } - return true; -} - -TQByteArray Cipher::final(bool *ok) -{ - if(ok) - *ok = false; - if(d->err) - return TQByteArray(); - - TQByteArray out; - if(!d->c->final(&out)) { - d->err = true; - return TQByteArray(); - } - if(ok) - *ok = true; - return out; -} - - -//---------------------------------------------------------------------------- -// SHA1 -//---------------------------------------------------------------------------- -SHA1::SHA1() -:Hash((TQCA_HashContext *)getContext(CAP_SHA1)) -{ -} - - -//---------------------------------------------------------------------------- -// SHA256 -//---------------------------------------------------------------------------- -SHA256::SHA256() -:Hash((TQCA_HashContext *)getContext(CAP_SHA256)) -{ -} - - -//---------------------------------------------------------------------------- -// MD5 -//---------------------------------------------------------------------------- -MD5::MD5() -:Hash((TQCA_HashContext *)getContext(CAP_MD5)) -{ -} - - -//---------------------------------------------------------------------------- -// BlowFish -//---------------------------------------------------------------------------- -BlowFish::BlowFish(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad) -:Cipher((TQCA_CipherContext *)getContext(CAP_BlowFish), dir, mode, key, iv, pad) -{ -} - - -//---------------------------------------------------------------------------- -// TripleDES -//---------------------------------------------------------------------------- -TripleDES::TripleDES(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad) -:Cipher((TQCA_CipherContext *)getContext(CAP_TripleDES), dir, mode, key, iv, pad) -{ -} - - -//---------------------------------------------------------------------------- -// AES128 -//---------------------------------------------------------------------------- -AES128::AES128(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad) -:Cipher((TQCA_CipherContext *)getContext(CAP_AES128), dir, mode, key, iv, pad) -{ -} - - -//---------------------------------------------------------------------------- -// AES256 -//---------------------------------------------------------------------------- -AES256::AES256(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad) -:Cipher((TQCA_CipherContext *)getContext(CAP_AES256), dir, mode, key, iv, pad) -{ -} - - -//---------------------------------------------------------------------------- -// RSAKey -//---------------------------------------------------------------------------- -class RSAKey::Private -{ -public: - Private() - { - c = 0; - } - - ~Private() - { - delete c; - } - - TQCA_RSAKeyContext *c; -}; - -RSAKey::RSAKey() -{ - d = new Private; - d->c = (TQCA_RSAKeyContext *)getContext(CAP_RSA); -} - -RSAKey::RSAKey(const RSAKey &from) -{ - d = new Private; - *this = from; -} - -RSAKey & RSAKey::operator=(const RSAKey &from) -{ - delete d->c; - d->c = from.d->c->clone(); - return *this; -} - -RSAKey::~RSAKey() -{ - delete d; -} - -bool RSAKey::isNull() const -{ - return d->c->isNull(); -} - -bool RSAKey::havePublic() const -{ - return d->c->havePublic(); -} - -bool RSAKey::havePrivate() const -{ - return d->c->havePrivate(); -} - -TQByteArray RSAKey::toDER(bool publicOnly) const -{ - TQByteArray out; - if(!d->c->toDER(&out, publicOnly)) - return TQByteArray(); - return out; -} - -bool RSAKey::fromDER(const TQByteArray &a) -{ - return d->c->createFromDER(a.data(), a.size()); -} - -TQString RSAKey::toPEM(bool publicOnly) const -{ - TQByteArray out; - if(!d->c->toPEM(&out, publicOnly)) - return TQByteArray(); - - TQCString cs; - cs.resize(out.size()+1); - memcpy(cs.data(), out.data(), out.size()); - return TQString::fromLatin1(cs); -} - -bool RSAKey::fromPEM(const TQString &str) -{ - TQCString cs = str.latin1(); - TQByteArray a(cs.length()); - memcpy(a.data(), cs.data(), a.size()); - return d->c->createFromPEM(a.data(), a.size()); -} - -bool RSAKey::fromNative(void *p) -{ - return d->c->createFromNative(p); -} - -bool RSAKey::encrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const -{ - TQByteArray out; - if(!d->c->encrypt(a, &out, oaep)) - return false; - *b = out; - return true; -} - -bool RSAKey::decrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const -{ - TQByteArray out; - if(!d->c->decrypt(a, &out, oaep)) - return false; - *b = out; - return true; -} - -bool RSAKey::generate(unsigned int bits) -{ - return d->c->generate(bits); -} - - -//---------------------------------------------------------------------------- -// RSA -//---------------------------------------------------------------------------- -RSA::RSA() -{ -} - -RSA::~RSA() -{ -} - -RSAKey RSA::key() const -{ - return v_key; -} - -void RSA::setKey(const RSAKey &k) -{ - v_key = k; -} - -bool RSA::encrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const -{ - if(v_key.isNull()) - return false; - return v_key.encrypt(a, b, oaep); -} - -bool RSA::decrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const -{ - if(v_key.isNull()) - return false; - return v_key.decrypt(a, b, oaep); -} - -RSAKey RSA::generateKey(unsigned int bits) -{ - RSAKey k; - k.generate(bits); - return k; -} - - -//---------------------------------------------------------------------------- -// Cert -//---------------------------------------------------------------------------- -class Cert::Private -{ -public: - Private() - { - c = 0; - } - - ~Private() - { - delete c; - } - - TQCA_CertContext *c; -}; - -Cert::Cert() -{ - d = new Private; - // crash because this is returning 0 - d->c = (TQCA_CertContext *)getContext(CAP_X509); -} - -Cert::Cert(const Cert &from) -{ - d = new Private; - *this = from; -} - -Cert & Cert::operator=(const Cert &from) -{ - delete d->c; - if ( from.d->c ) - d->c = from.d->c->clone(); - else - d->c = 0; - return *this; -} - -Cert::~Cert() -{ - delete d; -} - -void Cert::fromContext(TQCA_CertContext *ctx) -{ - delete d->c; - d->c = ctx; -} - -bool Cert::isNull() const -{ - return d->c->isNull(); -} - -TQString Cert::commonName() const -{ - CertProperties props = subject(); - return props["CN"]; -} - -TQString Cert::serialNumber() const -{ - return d->c->serialNumber(); -} - -TQString Cert::subjectString() const -{ - return d->c->subjectString(); -} - -TQString Cert::issuerString() const -{ - return d->c->issuerString(); -} - -CertProperties Cert::subject() const -{ - TQValueList<TQCA_CertProperty> list = d->c->subject(); - CertProperties props; - for(TQValueList<TQCA_CertProperty>::ConstIterator it = list.begin(); it != list.end(); ++it) - props[(*it).var] = (*it).val; - return props; -} - -CertProperties Cert::issuer() const -{ - TQValueList<TQCA_CertProperty> list = d->c->issuer(); - CertProperties props; - for(TQValueList<TQCA_CertProperty>::ConstIterator it = list.begin(); it != list.end(); ++it) - props[(*it).var] = (*it).val; - return props; -} - -TQDateTime Cert::notBefore() const -{ - return d->c->notBefore(); -} - -TQDateTime Cert::notAfter() const -{ - return d->c->notAfter(); -} - -TQByteArray Cert::toDER() const -{ - TQByteArray out; - if(!d->c->toDER(&out)) - return TQByteArray(); - return out; -} - -bool Cert::fromDER(const TQByteArray &a) -{ - return d->c->createFromDER(a.data(), a.size()); -} - -TQString Cert::toPEM() const -{ - TQByteArray out; - if(!d->c->toPEM(&out)) - return TQByteArray(); - - TQCString cs; - cs.resize(out.size()+1); - memcpy(cs.data(), out.data(), out.size()); - return TQString::fromLatin1(cs); -} - -bool Cert::fromPEM(const TQString &str) -{ - TQCString cs = str.latin1(); - TQByteArray a(cs.length()); - memcpy(a.data(), cs.data(), a.size()); - return d->c->createFromPEM(a.data(), a.size()); -} - - -//---------------------------------------------------------------------------- -// TLS -//---------------------------------------------------------------------------- -class TLS::Private -{ -public: - Private() - { - c = (TQCA_TLSContext *)getContext(CAP_TLS); - } - - ~Private() - { - delete c; - } - - void reset() - { - handshaken = false; - closing = false; - in.resize(0); - out.resize(0); - from_net.resize(0); - to_net.resize(0); - host = ""; - hostMismatch = false; - // this causes the crash, because the Cert ctor is setting a null context - cert = Cert(); - bytesEncoded = 0; - tryMore = false; - } - - void appendArray(TQByteArray *a, const TQByteArray &b) - { - int oldsize = a->size(); - a->resize(oldsize + b.size()); - memcpy(a->data() + oldsize, b.data(), b.size()); - } - - Cert cert; - TQCA_TLSContext *c; - TQByteArray in, out, to_net, from_net; - int bytesEncoded; - bool tryMore; - bool handshaken; - TQString host; - bool hostMismatch; - bool closing; - - Cert ourCert; - RSAKey ourKey; - TQPtrList<TQCA_CertContext> store; -}; - -TLS::TLS(TQObject *parent) -:TQObject(parent) -{ - d = new Private; -} - -TLS::~TLS() -{ - delete d; -} - -void TLS::setCertificate(const Cert &cert, const RSAKey &key) -{ - d->ourCert = cert; - d->ourKey = key; -} - -void TLS::setCertificateStore(const TQPtrList<Cert> &store) -{ - // convert the cert list into a context list - d->store.clear(); - TQPtrListIterator<Cert> it(store); - for(Cert *cert; (cert = it.current()); ++it) - d->store.append(cert->d->c); -} - -void TLS::reset() -{ - d->reset(); -} - -bool TLS::startClient(const TQString &host) -{ - d->reset(); - d->host = host; - - if(!d->c->startClient(d->store, *d->ourCert.d->c, *d->ourKey.d->c)) - return false; - TQTimer::singleShot(0, this, TQT_SLOT(update())); - return true; -} - -bool TLS::startServer() -{ - d->reset(); - - if(!d->c->startServer(d->store, *d->ourCert.d->c, *d->ourKey.d->c)) - return false; - TQTimer::singleShot(0, this, TQT_SLOT(update())); - return true; -} - -void TLS::close() -{ - if(!d->handshaken || d->closing) - return; - - d->closing = true; - TQTimer::singleShot(0, this, TQT_SLOT(update())); -} - -bool TLS::isHandshaken() const -{ - return d->handshaken; -} - -void TLS::write(const TQByteArray &a) -{ - d->appendArray(&d->out, a); - update(); -} - -TQByteArray TLS::read() -{ - TQByteArray a = d->in.copy(); - d->in.resize(0); - return a; -} - -void TLS::writeIncoming(const TQByteArray &a) -{ - d->appendArray(&d->from_net, a); - update(); -} - -TQByteArray TLS::readOutgoing() -{ - TQByteArray a = d->to_net.copy(); - d->to_net.resize(0); - return a; -} - -TQByteArray TLS::readUnprocessed() -{ - TQByteArray a = d->from_net.copy(); - d->from_net.resize(0); - return a; -} - -const Cert & TLS::peerCertificate() const -{ - return d->cert; -} - -int TLS::certificateValidityResult() const -{ - if(d->hostMismatch) - return TQCA::TLS::HostMismatch; - else - return d->c->validityResult(); -} - -void TLS::update() -{ - bool force_read = false; - bool eof = false; - bool done = false; - TQGuardedPtr<TLS> self = this; - - if(d->closing) { - TQByteArray a; - int r = d->c->shutdown(d->from_net, &a); - d->from_net.resize(0); - if(r == TQCA_TLSContext::Error) { - reset(); - error(ErrHandshake); - return; - } - if(r == TQCA_TLSContext::Success) { - d->from_net = d->c->unprocessed().copy(); - done = true; - } - d->appendArray(&d->to_net, a); - } - else { - if(!d->handshaken) { - TQByteArray a; - int r = d->c->handshake(d->from_net, &a); - d->from_net.resize(0); - if(r == TQCA_TLSContext::Error) { - reset(); - error(ErrHandshake); - return; - } - d->appendArray(&d->to_net, a); - if(r == TQCA_TLSContext::Success) { - TQCA_CertContext *cc = d->c->peerCertificate(); - if(cc && !d->host.isEmpty() && d->c->validityResult() == TQCA::TLS::Valid) { - if(!cc->matchesAddress(d->host)) - d->hostMismatch = true; - } - d->cert.fromContext(cc); - d->handshaken = true; - handshaken(); - if(!self) - return; - - // there is a teeny tiny possibility that incoming data awaits. let us get it. - force_read = true; - } - } - - if(d->handshaken) { - if(!d->out.isEmpty() || d->tryMore) { - d->tryMore = false; - TQByteArray a; - int enc; - bool more = false; - bool ok = d->c->encode(d->out, &a, &enc); - eof = d->c->eof(); - if(ok && enc < (int)d->out.size()) - more = true; - d->out.resize(0); - if(!eof) { - if(!ok) { - reset(); - error(ErrCrypt); - return; - } - d->bytesEncoded += enc; - if(more) - d->tryMore = true; - d->appendArray(&d->to_net, a); - } - } - if(!d->from_net.isEmpty() || force_read) { - TQByteArray a, b; - bool ok = d->c->decode(d->from_net, &a, &b); - eof = d->c->eof(); - d->from_net.resize(0); - if(!ok) { - reset(); - error(ErrCrypt); - return; - } - d->appendArray(&d->in, a); - d->appendArray(&d->to_net, b); - } - - if(!d->in.isEmpty()) { - readyRead(); - if(!self) - return; - } - } - } - - if(!d->to_net.isEmpty()) { - int bytes = d->bytesEncoded; - d->bytesEncoded = 0; - readyReadOutgoing(bytes); - if(!self) - return; - } - - if(eof) { - close(); - if(!self) - return; - return; - } - - if(d->closing && done) { - reset(); - closed(); - } -} - - -//---------------------------------------------------------------------------- -// SASL -//---------------------------------------------------------------------------- -TQString saslappname = "qca"; -class SASL::Private -{ -public: - Private() - { - c = (TQCA_SASLContext *)getContext(CAP_SASL); - } - - ~Private() - { - delete c; - } - - void setSecurityProps() - { - c->setSecurityProps(noPlain, noActive, noDict, noAnon, reqForward, reqCreds, reqMutual, ssfmin, ssfmax, ext_authid, ext_ssf); - } - - // security opts - bool noPlain, noActive, noDict, noAnon, reqForward, reqCreds, reqMutual; - int ssfmin, ssfmax; - TQString ext_authid; - int ext_ssf; - - bool tried; - TQCA_SASLContext *c; - TQHostAddress localAddr, remoteAddr; - int localPort, remotePort; - TQByteArray stepData; - bool allowCSF; - bool first, server; - - TQByteArray inbuf, outbuf; -}; - -SASL::SASL(TQObject *parent) -:TQObject(parent) -{ - d = new Private; - reset(); -} - -SASL::~SASL() -{ - delete d; -} - -void SASL::setAppName(const TQString &name) -{ - saslappname = name; -} - -void SASL::reset() -{ - d->localPort = -1; - d->remotePort = -1; - - d->noPlain = false; - d->noActive = false; - d->noDict = false; - d->noAnon = false; - d->reqForward = false; - d->reqCreds = false; - d->reqMutual = false; - d->ssfmin = 0; - d->ssfmax = 0; - d->ext_authid = ""; - d->ext_ssf = 0; - - d->inbuf.resize(0); - d->outbuf.resize(0); - - d->c->reset(); -} - -int SASL::errorCondition() const -{ - return d->c->errorCond(); -} - -void SASL::setAllowPlain(bool b) -{ - d->noPlain = !b; -} - -void SASL::setAllowAnonymous(bool b) -{ - d->noAnon = !b; -} - -void SASL::setAllowActiveVulnerable(bool b) -{ - d->noActive = !b; -} - -void SASL::setAllowDictionaryVulnerable(bool b) -{ - d->noDict = !b; -} - -void SASL::setRequireForwardSecrecy(bool b) -{ - d->reqForward = b; -} - -void SASL::setRequirePassCredentials(bool b) -{ - d->reqCreds = b; -} - -void SASL::setRequireMutualAuth(bool b) -{ - d->reqMutual = b; -} - -void SASL::setMinimumSSF(int x) -{ - d->ssfmin = x; -} - -void SASL::setMaximumSSF(int x) -{ - d->ssfmax = x; -} - -void SASL::setExternalAuthID(const TQString &authid) -{ - d->ext_authid = authid; -} - -void SASL::setExternalSSF(int x) -{ - d->ext_ssf = x; -} - -void SASL::setLocalAddr(const TQHostAddress &addr, TQ_UINT16 port) -{ - d->localAddr = addr; - d->localPort = port; -} - -void SASL::setRemoteAddr(const TQHostAddress &addr, TQ_UINT16 port) -{ - d->remoteAddr = addr; - d->remotePort = port; -} - -bool SASL::startClient(const TQString &service, const TQString &host, const TQStringList &mechlist, bool allowClientSendFirst) -{ - TQCA_SASLHostPort la, ra; - if(d->localPort != -1) { - la.addr = d->localAddr; - la.port = d->localPort; - } - if(d->remotePort != -1) { - ra.addr = d->remoteAddr; - ra.port = d->remotePort; - } - - d->allowCSF = allowClientSendFirst; - d->c->setCoreProps(service, host, d->localPort != -1 ? &la : 0, d->remotePort != -1 ? &ra : 0); - d->setSecurityProps(); - - if(!d->c->clientStart(mechlist)) - return false; - d->first = true; - d->server = false; - d->tried = false; - TQTimer::singleShot(0, this, TQT_SLOT(tryAgain())); - return true; -} - -bool SASL::startServer(const TQString &service, const TQString &host, const TQString &realm, TQStringList *mechlist) -{ - TQCA_SASLHostPort la, ra; - if(d->localPort != -1) { - la.addr = d->localAddr; - la.port = d->localPort; - } - if(d->remotePort != -1) { - ra.addr = d->remoteAddr; - ra.port = d->remotePort; - } - - d->c->setCoreProps(service, host, d->localPort != -1 ? &la : 0, d->remotePort != -1 ? &ra : 0); - d->setSecurityProps(); - - if(!d->c->serverStart(realm, mechlist, saslappname)) - return false; - d->first = true; - d->server = true; - d->tried = false; - return true; -} - -void SASL::putServerFirstStep(const TQString &mech) -{ - int r = d->c->serverFirstStep(mech, 0); - handleServerFirstStep(r); -} - -void SASL::putServerFirstStep(const TQString &mech, const TQByteArray &clientInit) -{ - int r = d->c->serverFirstStep(mech, &clientInit); - handleServerFirstStep(r); -} - -void SASL::handleServerFirstStep(int r) -{ - if(r == TQCA_SASLContext::Success) - authenticated(); - else if(r == TQCA_SASLContext::Continue) - nextStep(d->c->result()); - else if(r == TQCA_SASLContext::AuthCheck) - tryAgain(); - else - error(ErrAuth); -} - -void SASL::putStep(const TQByteArray &stepData) -{ - d->stepData = stepData.copy(); - tryAgain(); -} - -void SASL::setUsername(const TQString &user) -{ - d->c->setClientParams(&user, 0, 0, 0); -} - -void SASL::setAuthzid(const TQString &authzid) -{ - d->c->setClientParams(0, &authzid, 0, 0); -} - -void SASL::setPassword(const TQString &pass) -{ - d->c->setClientParams(0, 0, &pass, 0); -} - -void SASL::setRealm(const TQString &realm) -{ - d->c->setClientParams(0, 0, 0, &realm); -} - -void SASL::continueAfterParams() -{ - tryAgain(); -} - -void SASL::continueAfterAuthCheck() -{ - tryAgain(); -} - -void SASL::tryAgain() -{ - int r; - - if(d->server) { - if(!d->tried) { - r = d->c->nextStep(d->stepData); - d->tried = true; - } - else { - r = d->c->tryAgain(); - } - - if(r == TQCA_SASLContext::Error) { - error(ErrAuth); - return; - } - else if(r == TQCA_SASLContext::Continue) { - d->tried = false; - nextStep(d->c->result()); - return; - } - else if(r == TQCA_SASLContext::AuthCheck) { - authCheck(d->c->username(), d->c->authzid()); - return; - } - } - else { - if(d->first) { - if(!d->tried) { - r = d->c->clientFirstStep(d->allowCSF); - d->tried = true; - } - else - r = d->c->tryAgain(); - - if(r == TQCA_SASLContext::Error) { - error(ErrAuth); - return; - } - else if(r == TQCA_SASLContext::NeedParams) { - //d->tried = false; - TQCA_SASLNeedParams np = d->c->clientParamsNeeded(); - needParams(np.user, np.authzid, np.pass, np.realm); - return; - } - - TQString mech = d->c->mech(); - const TQByteArray *clientInit = d->c->clientInit(); - - d->first = false; - d->tried = false; - clientFirstStep(mech, clientInit); - } - else { - if(!d->tried) { - r = d->c->nextStep(d->stepData); - d->tried = true; - } - else - r = d->c->tryAgain(); - - if(r == TQCA_SASLContext::Error) { - error(ErrAuth); - return; - } - else if(r == TQCA_SASLContext::NeedParams) { - //d->tried = false; - TQCA_SASLNeedParams np = d->c->clientParamsNeeded(); - needParams(np.user, np.authzid, np.pass, np.realm); - return; - } - d->tried = false; - //else if(r == TQCA_SASLContext::Continue) { - nextStep(d->c->result()); - // return; - //} - } - } - - if(r == TQCA_SASLContext::Success) - authenticated(); - else if(r == TQCA_SASLContext::Error) - error(ErrAuth); -} - -int SASL::ssf() const -{ - return d->c->security(); -} - -void SASL::write(const TQByteArray &a) -{ - TQByteArray b; - if(!d->c->encode(a, &b)) { - error(ErrCrypt); - return; - } - int oldsize = d->outbuf.size(); - d->outbuf.resize(oldsize + b.size()); - memcpy(d->outbuf.data() + oldsize, b.data(), b.size()); - readyReadOutgoing(a.size()); -} - -TQByteArray SASL::read() -{ - TQByteArray a = d->inbuf.copy(); - d->inbuf.resize(0); - return a; -} - -void SASL::writeIncoming(const TQByteArray &a) -{ - TQByteArray b; - if(!d->c->decode(a, &b)) { - error(ErrCrypt); - return; - } - int oldsize = d->inbuf.size(); - d->inbuf.resize(oldsize + b.size()); - memcpy(d->inbuf.data() + oldsize, b.data(), b.size()); - readyRead(); -} - -TQByteArray SASL::readOutgoing() -{ - TQByteArray a = d->outbuf.copy(); - d->outbuf.resize(0); - return a; -} - -#include "tqca.moc" |