diff options
Diffstat (limited to 'kopete/protocols/jabber/libiris/qca/src/qca.h')
-rw-r--r-- | kopete/protocols/jabber/libiris/qca/src/qca.h | 466 |
1 files changed, 466 insertions, 0 deletions
diff --git a/kopete/protocols/jabber/libiris/qca/src/qca.h b/kopete/protocols/jabber/libiris/qca/src/qca.h new file mode 100644 index 00000000..e7cd1609 --- /dev/null +++ b/kopete/protocols/jabber/libiris/qca/src/qca.h @@ -0,0 +1,466 @@ +/* + * qca.h - Qt Cryptographic Architecture + * Copyright (C) 2003 Justin Karneges + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +#ifndef QCA_H +#define QCA_H + +#include<qstring.h> +#include<qcstring.h> +#include<qdatetime.h> +#include<qmap.h> +#include<qptrlist.h> +#include<qobject.h> + +#ifdef Q_OS_WIN32 +# ifndef QCA_STATIC +# ifdef QCA_MAKEDLL +# define QCA_EXPORT __declspec(dllexport) +# else +# define QCA_EXPORT __declspec(dllimport) +# endif +# endif +#endif +#ifndef QCA_EXPORT +#define QCA_EXPORT +#endif + +#ifdef Q_OS_WIN32 +# ifdef QCA_PLUGIN_DLL +# define QCA_PLUGIN_EXPORT extern "C" __declspec(dllexport) +# else +# define QCA_PLUGIN_EXPORT extern "C" __declspec(dllimport) +# endif +#endif +#ifndef QCA_PLUGIN_EXPORT +#define QCA_PLUGIN_EXPORT extern "C" +#endif + +class QHostAddress; +class QStringList; + +class QCAProvider; +class QCA_HashContext; +class QCA_CipherContext; +class QCA_CertContext; + +namespace QCA +{ + enum { + CAP_SHA1 = 0x0001, + CAP_SHA256 = 0x0002, + CAP_MD5 = 0x0004, + CAP_BlowFish = 0x0008, + CAP_TripleDES = 0x0010, + CAP_AES128 = 0x0020, + CAP_AES256 = 0x0040, + CAP_RSA = 0x0080, + CAP_X509 = 0x0100, + CAP_TLS = 0x0200, + CAP_SASL = 0x0400 + }; + + enum { + CBC = 0x0001, + CFB = 0x0002 + }; + + enum { + Encrypt = 0x0001, + Decrypt = 0x0002 + }; + + QCA_EXPORT void init(); + QCA_EXPORT bool isSupported(int capabilities); + QCA_EXPORT void insertProvider(QCAProvider *); + QCA_EXPORT void unloadAllPlugins(); + + QCA_EXPORT QString arrayToHex(const QByteArray &); + QCA_EXPORT QByteArray hexToArray(const QString &); + + class QCA_EXPORT Hash + { + public: + Hash(const Hash &); + Hash & operator=(const Hash &); + ~Hash(); + + void clear(); + void update(const QByteArray &a); + QByteArray final(); + + protected: + Hash(QCA_HashContext *); + + private: + class Private; + Private *d; + }; + + template <class T> + class QCA_EXPORT HashStatic + { + public: + HashStatic<T>() {} + + static QByteArray hash(const QByteArray &a) + { + T obj; + obj.update(a); + return obj.final(); + } + + static QByteArray hash(const QCString &cs) + { + QByteArray a(cs.length()); + memcpy(a.data(), cs.data(), a.size()); + return hash(a); + } + + static QString hashToString(const QByteArray &a) + { + return arrayToHex(hash(a)); + } + + static QString hashToString(const QCString &cs) + { + return arrayToHex(hash(cs)); + } + }; + + class QCA_EXPORT Cipher + { + public: + Cipher(const Cipher &); + Cipher & operator=(const Cipher &); + ~Cipher(); + + QByteArray dyn_generateKey(int size=-1) const; + QByteArray dyn_generateIV() const; + void reset(int dir, int mode, const QByteArray &key, const QByteArray &iv, bool pad=true); + bool update(const QByteArray &a); + QByteArray final(bool *ok=0); + + protected: + Cipher(QCA_CipherContext *, int dir, int mode, const QByteArray &key, const QByteArray &iv, bool pad); + + private: + class Private; + Private *d; + }; + + template <class T> + class QCA_EXPORT CipherStatic + { + public: + CipherStatic<T>() {} + + static QByteArray generateKey(int size=-1) + { + T obj; + return obj.dyn_generateKey(size); + } + + static QByteArray generateIV() + { + T obj; + return obj.dyn_generateIV(); + } + }; + + class QCA_EXPORT SHA1 : public Hash, public HashStatic<SHA1> + { + public: + SHA1(); + }; + + class QCA_EXPORT SHA256 : public Hash, public HashStatic<SHA256> + { + public: + SHA256(); + }; + + class QCA_EXPORT MD5 : public Hash, public HashStatic<MD5> + { + public: + MD5(); + }; + + class QCA_EXPORT BlowFish : public Cipher, public CipherStatic<BlowFish> + { + public: + BlowFish(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true); + }; + + class QCA_EXPORT TripleDES : public Cipher, public CipherStatic<TripleDES> + { + public: + TripleDES(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true); + }; + + class QCA_EXPORT AES128 : public Cipher, public CipherStatic<AES128> + { + public: + AES128(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true); + }; + + class QCA_EXPORT AES256 : public Cipher, public CipherStatic<AES256> + { + public: + AES256(int dir=Encrypt, int mode=CBC, const QByteArray &key=QByteArray(), const QByteArray &iv=QByteArray(), bool pad=true); + }; + + class RSA; + class QCA_EXPORT RSAKey + { + public: + RSAKey(); + RSAKey(const RSAKey &from); + RSAKey & operator=(const RSAKey &from); + ~RSAKey(); + + bool isNull() const; + bool havePublic() const; + bool havePrivate() const; + + QByteArray toDER(bool publicOnly=false) const; + bool fromDER(const QByteArray &a); + + QString toPEM(bool publicOnly=false) const; + bool fromPEM(const QString &); + + // only call if you know what you are doing + bool fromNative(void *); + + private: + class Private; + Private *d; + + friend class RSA; + friend class TLS; + bool encrypt(const QByteArray &a, QByteArray *out, bool oaep) const; + bool decrypt(const QByteArray &a, QByteArray *out, bool oaep) const; + bool generate(unsigned int bits); + }; + + class QCA_EXPORT RSA + { + public: + RSA(); + ~RSA(); + + RSAKey key() const; + void setKey(const RSAKey &); + + bool encrypt(const QByteArray &a, QByteArray *out, bool oaep=false) const; + bool decrypt(const QByteArray &a, QByteArray *out, bool oaep=false) const; + + static RSAKey generateKey(unsigned int bits); + + private: + RSAKey v_key; + }; + + typedef QMap<QString, QString> CertProperties; + class QCA_EXPORT Cert + { + public: + Cert(); + Cert(const Cert &); + Cert & operator=(const Cert &); + ~Cert(); + + bool isNull() const; + + QString commonName() const; + QString serialNumber() const; + QString subjectString() const; + QString issuerString() const; + CertProperties subject() const; + CertProperties issuer() const; + QDateTime notBefore() const; + QDateTime notAfter() const; + + QByteArray toDER() const; + bool fromDER(const QByteArray &a); + + QString toPEM() const; + bool fromPEM(const QString &); + + private: + class Private; + Private *d; + + friend class TLS; + void fromContext(QCA_CertContext *); + }; + + class QCA_EXPORT TLS : public QObject + { + Q_OBJECT + public: + enum Validity { + NoCert, + Valid, + HostMismatch, + Rejected, + Untrusted, + SignatureFailed, + InvalidCA, + InvalidPurpose, + SelfSigned, + Revoked, + PathLengthExceeded, + Expired, + Unknown + }; + enum Error { ErrHandshake, ErrCrypt }; + + TLS(QObject *parent=0); + ~TLS(); + + void setCertificate(const Cert &cert, const RSAKey &key); + void setCertificateStore(const QPtrList<Cert> &store); // note: store must persist + + void reset(); + bool startClient(const QString &host=""); + bool startServer(); + void close(); + bool isHandshaken() const; + + // plain (application side) + void write(const QByteArray &a); + QByteArray read(); + + // encoded (socket side) + void writeIncoming(const QByteArray &a); + QByteArray readOutgoing(); + QByteArray readUnprocessed(); + + // cert related + const Cert & peerCertificate() const; + int certificateValidityResult() const; + + signals: + void handshaken(); + void readyRead(); + void readyReadOutgoing(int plainBytes); + void closed(); + void error(int); + + private slots: + void update(); + + private: + class Private; + Private *d; + }; + + class QCA_EXPORT SASL : public QObject + { + Q_OBJECT + public: + enum Error { ErrAuth, ErrCrypt }; + enum ErrorCond { + NoMech, + BadProto, + BadServ, + BadAuth, + NoAuthzid, + TooWeak, + NeedEncrypt, + Expired, + Disabled, + NoUser, + RemoteUnavail + }; + SASL(QObject *parent=0); + ~SASL(); + + static void setAppName(const QString &name); + + void reset(); + int errorCondition() const; + + // options + void setAllowPlain(bool); + void setAllowAnonymous(bool); + void setAllowActiveVulnerable(bool); + void setAllowDictionaryVulnerable(bool); + void setRequireForwardSecrecy(bool); + void setRequirePassCredentials(bool); + void setRequireMutualAuth(bool); + + void setMinimumSSF(int); + void setMaximumSSF(int); + void setExternalAuthID(const QString &authid); + void setExternalSSF(int); + + void setLocalAddr(const QHostAddress &addr, Q_UINT16 port); + void setRemoteAddr(const QHostAddress &addr, Q_UINT16 port); + + // initialize + bool startClient(const QString &service, const QString &host, const QStringList &mechlist, bool allowClientSendFirst=true); + bool startServer(const QString &service, const QString &host, const QString &realm, QStringList *mechlist); + + // authentication + void putStep(const QByteArray &stepData); + void putServerFirstStep(const QString &mech); + void putServerFirstStep(const QString &mech, const QByteArray &clientInit); + void setUsername(const QString &user); + void setAuthzid(const QString &auth); + void setPassword(const QString &pass); + void setRealm(const QString &realm); + void continueAfterParams(); + void continueAfterAuthCheck(); + + // security layer + int ssf() const; + void write(const QByteArray &a); + QByteArray read(); + void writeIncoming(const QByteArray &a); + QByteArray readOutgoing(); + + signals: + // for authentication + void clientFirstStep(const QString &mech, const QByteArray *clientInit); + void nextStep(const QByteArray &stepData); + void needParams(bool user, bool authzid, bool pass, bool realm); + void authCheck(const QString &user, const QString &authzid); + void authenticated(); + + // for security layer + void readyRead(); + void readyReadOutgoing(int plainBytes); + + // error + void error(int); + + private slots: + void tryAgain(); + + private: + class Private; + Private *d; + + void handleServerFirstStep(int r); + }; +} + +#endif |