
qca

qca_securelayer.h

00001 /*
00002  * qca_securelayer.h - Qt Cryptographic Architecture
00003  * Copyright (C) 2003-2007  Justin Karneges <justin@affinix.com>
00004  * Copyright (C) 2004-2006  Brad Hards <bradh@frogmouth.net>
00005  *
00006  * This library is free software; you can redistribute it and/or
00007  * modify it under the terms of the GNU Lesser General Public
00008  * License as published by the Free Software Foundation; either
00009  * version 2.1 of the License, or (at your option) any later version.
00010  *
00011  * This library is distributed in the hope that it will be useful,
00012  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00013  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00014  * Lesser General Public License for more details.
00015  *
00016  * You should have received a copy of the GNU Lesser General Public
00017  * License along with this library; if not, write to the Free Software
00018  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
00019  * 02110-1301  USA
00020  *
00021  */
00022 
00032 #ifndef QCA_SECURELAYER_H
00033 #define QCA_SECURELAYER_H
00034 
00035 #include <QObject>
00036 #include "qca_core.h"
00037 #include "qca_publickey.h"
00038 #include "qca_cert.h"
00039 
00040 namespace QCA {
00041 
/**
 * Coarse security-strength levels. Within this header they are accepted by
 * TLS::setConstraints(SecurityLevel) and by
 * SASL::setConstraints(AuthFlags, SecurityLevel).
 *
 * No explicit values are assigned, so the enumerators are numbered 0..5 in
 * declaration order; reordering them would change the values seen by callers.
 *
 * NOTE(review): the per-enumerator doc comments are missing from this listing.
 * The meanings below are inferred from the names only -- confirm against the
 * upstream QCA documentation before choosing a level on that basis.
 */
00059 enum SecurityLevel
00060 {
00061     SL_None,      ///< presumably: no protection required; this is the default level of SASL::setConstraints() -- confirm
00062     SL_Integrity, ///< presumably: integrity protection required, confidentiality not implied -- confirm
00063     SL_Export,    ///< presumably: "export-grade" strength, which is weak by current standards -- confirm, and review callers that settle for it
00064     SL_Baseline,  ///< presumably: the baseline strength for encrypted traffic -- confirm the bit threshold upstream
00065     SL_High,      ///< presumably: stronger than SL_Baseline -- confirm
00066     SL_Highest    ///< presumably: the strongest level the provider can offer -- confirm
00067 };
00068 
/**
 * Abstract QObject base for a security layer placed between an application
 * and its transport. TLS and SASL in this header derive from it.
 *
 * The interface has two data paths: write()/read() and
 * writeIncoming()/readOutgoing(). Nothing here touches a socket; the class
 * only declares byte-array hand-off points plus notification signals.
 *
 * NOTE(review): the member doc comments are missing from this listing. By the
 * names, write()/read() carry application plaintext and
 * writeIncoming()/readOutgoing() carry the protected bytes exchanged with the
 * network -- confirm against the upstream QCA documentation.
 *
 * Copying is disabled through Q_DISABLE_COPY.
 */
00104 class QCA_EXPORT SecureLayer : public QObject
00105 {
00106     Q_OBJECT
00107 public:
          /** Constructs the layer; \a parent defaults to null (no QObject parent). */
00114     SecureLayer(QObject *parent = 0);
00115 
          /** Overridable query with a base implementation (not pure); TLS reimplements it, SASL does not. */
00119     virtual bool isClosable() const;
00120 
          /** Pure virtual. Presumably the number of bytes that read() can return -- confirm. */
00125     virtual int bytesAvailable() const = 0;
00126 
          /** Pure virtual. Presumably the number of bytes that readOutgoing() can return -- confirm. */
00131     virtual int bytesOutgoingAvailable() const = 0;
00132 
          /** Overridable with a base implementation; presumably only meaningful when isClosable() is true -- confirm. */
00140     virtual void close();
00141 
          /** Pure virtual. Hands data \a a to the layer; presumably application plaintext to be protected -- confirm. */
00149     virtual void write(const QByteArray &a) = 0;
00150 
          /** Pure virtual. Returns data from the layer; presumably plaintext recovered from the peer -- confirm. */
00157     virtual QByteArray read() = 0;
00158 
          /**
           * Pure virtual. Hands data \a a to the layer; presumably bytes received
           * from the network, i.e. untrusted peer input -- confirm.
           */
00168     virtual void writeIncoming(const QByteArray &a) = 0;
00169 
          /**
           * Pure virtual. Returns data from the layer; presumably the bytes to send
           * to the network -- confirm.
           *
           * \a plainBytes is an optional out-parameter and may be left null (the
           * default). Presumably it receives the plaintext byte count represented
           * by the returned data -- confirm.
           */
00179     virtual QByteArray readOutgoing(int *plainBytes = 0) = 0;
00180 
          /**
           * Overridable with a base implementation. Presumably returns input that
           * arrived after the layer ended and was therefore never decoded; if so it
           * is unprotected peer data and must not be treated as authenticated -- confirm.
           */
00188     virtual QByteArray readUnprocessed();
00189 
          /**
           * Pure virtual. Takes a count of encrypted bytes as qint64 and returns an
           * int; presumably the matching plaintext byte count -- confirm. Note the
           * 64-bit parameter versus the int return type.
           */
00195     virtual int convertBytesWritten(qint64 encryptedBytes) = 0;
00196 
00197 Q_SIGNALS:
          /** Presumably emitted when read() has data to return -- confirm. */
00204     void readyRead();
00205 
          /** Presumably emitted when readOutgoing() has data to return -- confirm. */
00212     void readyReadOutgoing();
00213 
          /** Presumably emitted once the layer has been closed -- confirm. */
00218     void closed();
00219 
          /**
           * Error notification. The signal carries no detail; TLS and SASL each
           * declare an errorCode() accessor for that.
           */
00224     void error();
00225 
00226 private:
00227     Q_DISABLE_COPY(SecureLayer)
00228 };
00229 
/**
 * Copyable value type derived from Algorithm. In this header it is returned by
 * TLS::session() and accepted by TLS::setSession().
 *
 * NOTE(review): the doc comments are missing from this listing. Presumably the
 * object holds TLS session-resumption state; if so it should be handled like
 * key material (not logged, not shared across trust boundaries) -- confirm
 * against the upstream QCA documentation.
 */
00238 class QCA_EXPORT TLSSession : public Algorithm
00239 {
00240 public:
          /** Default constructor; presumably yields a session for which isNull() is true -- confirm. */
00241     TLSSession();
00242 
          /** Copy constructor. */
00248     TLSSession(const TLSSession &from);
00249 
00250     ~TLSSession();
00251 
          /** Copy assignment; returns a reference to this object. */
00257     TLSSession & operator=(const TLSSession &from);
00258 
          /** Reports whether this object holds no session (exact criterion not visible here). */
00262     bool isNull() const;
00263 };
00264 
/**
 * TLS/DTLS layer: a SecureLayer that is also an Algorithm. It is configured
 * with certificates, trust anchors and cipher constraints, started with
 * startClient() or startServer(), and reports progress through the signals
 * declared below.
 *
 * NOTE(review): the member doc comments are missing from this listing.
 * Statements marked "presumably" are inferred from names and must be confirmed
 * against the upstream QCA documentation.
 *
 * Security-relevant points visible in this declaration:
 *  - Version still lists SSL_v2 and SSL_v3 and has no enumerator newer than
 *    TLS_v1 / DTLS_v1.
 *  - Peer verification is exposed as two separate queries, peerIdentityResult()
 *    and peerCertificateValidity(); nothing in this header shows the handshake
 *    failing on its own when they are not checked.
 *  - startClient() defaults to an empty host name.
 *  - Compression can be switched on with setCompressionEnabled().
 *
 * Copying is disabled through Q_DISABLE_COPY; state lives behind the private
 * implementation pointer d.
 */
00289 class QCA_EXPORT TLS : public SecureLayer, public Algorithm
00290 {
00291     Q_OBJECT
00292 public:
          /** Transport style, selected through the TLS(Mode, ...) constructor. */
00296     enum Mode
00297     {
00298         Stream,  ///< presumably: stream transport (TLS) -- confirm
00299         Datagram ///< presumably: datagram transport (DTLS) -- confirm
00300     };
00301 
          /**
           * Protocol versions. Used as the argument of supportedCipherSuites() and
           * as the return type of version().
           *
           * SSL 2.0 is prohibited by RFC 6176 and SSL 3.0 is deprecated by RFC 7568;
           * TLS 1.0 and DTLS 1.0 are deprecated by RFC 8996. Callers should check
           * version() after the handshake and reject a result they do not accept.
           */
00305     enum Version
00306     {
00307         TLS_v1, ///< TLS 1.x as named; also the default argument of supportedCipherSuites()
00308         SSL_v3, ///< SSL 3.0 (obsolete protocol, see above)
00309         SSL_v2, ///< SSL 2.0 (obsolete protocol, see above)
00310         DTLS_v1 ///< DTLS 1.x as named
00311     };
00312 
          /** Failure categories returned by errorCode(). Meanings below are inferred from the names -- confirm. */
00316     enum Error
00317     {
00318         ErrorSignerExpired,   ///< presumably: local certificate signer has expired
00319         ErrorSignerInvalid,   ///< presumably: local certificate signer is invalid
00320         ErrorCertKeyMismatch, ///< presumably: certificate and private key do not match
00321         ErrorInit,            ///< presumably: the provider failed to initialise
00322         ErrorHandshake,       ///< presumably: the handshake failed
00323         ErrorCrypt            ///< presumably: a failure after the handshake while protecting or unprotecting data
00324     };
00325 
          /**
           * Outcome of the peer identity check, returned by peerIdentityResult().
           * Only Valid indicates success; every other value should be treated as a
           * failed verification by the caller.
           */
00329     enum IdentityResult
00330     {
00331         Valid,              ///< identity check passed
00332         HostMismatch,       ///< presumably: certificate does not match the host given to startClient() -- confirm
00333         InvalidCertificate, ///< presumably: certificate failed validation; see peerCertificateValidity() -- confirm
00334         NoCertificate       ///< presumably: the peer presented no certificate -- confirm
00335     };
00336 
          /**
           * Constructs a TLS object without an explicit Mode argument.
           * \a parent defaults to null. \a provider defaults to an empty string;
           * presumably that lets the library choose the backend -- confirm.
           */
00348     explicit TLS(QObject *parent = 0, const QString &provider = QString());
00349 
          /** As above, with the transport style given by \a mode. */
00361     explicit TLS(Mode mode, QObject *parent = 0, const QString &provider = QString());
00362 
00366     ~TLS();
00367 
          /** Presumably returns the object to its initial state so it can be reused -- confirm what configuration survives. */
00371     void reset();
00372 
          /**
           * Returns cipher suite names for \a version (default TLS_v1). Presumably
           * these are the names accepted by setConstraints(const QStringList &) -- confirm.
           */
00387     QStringList supportedCipherSuites(const Version &version = TLS_v1) const;
00388 
          /** Sets the local certificate chain and its private key. */
00402     void setCertificate(const CertificateChain &cert, const PrivateKey &key);
00403 
          /** Overload taking a KeyBundle; presumably the bundle supplies both chain and key -- confirm. */
00412     void setCertificate(const KeyBundle &kb);
00413 
          /** Returns the trust anchors currently configured. */
00417     CertificateCollection trustedCertificates() const;
00418 
          /**
           * Sets the trust anchors. Presumably peer certificate validation is
           * performed against this collection, so an overly broad collection
           * widens what peerCertificateValidity() will accept -- confirm.
           */
00430     void setTrustedCertificates(const CertificateCollection &trusted);
00431 
          /** Constrains acceptable ciphers by coarse SecurityLevel. */
00437     void setConstraints(SecurityLevel s);
00438 
          /**
           * Constrains acceptable ciphers by a numeric range. Presumably SSF means
           * "security strength factor" in bits -- confirm.
           */
00447     void setConstraints(int minSSF, int maxSSF);
00448 
          /** Constrains acceptable ciphers to an explicit list of suite names. */
00459     void setConstraints(const QStringList &cipherSuiteList);
00460 
          /** Returns a list of issuer names; presumably the CA names tied to a certificate request -- confirm direction (client/server). */
00483     QList<CertificateInfoOrdered> issuerList() const;
00484 
          /** Sets the issuer list; presumably used in server mode when requesting a client certificate -- confirm. */
00491     void setIssuerList(const QList<CertificateInfoOrdered> &issuers);
00492 
          /** Supplies a previously obtained TLSSession; presumably to attempt session resumption -- confirm. */
00498     void setSession(const TLSSession &session);
00499 
          /** Capability query; presumably whether the provider supports compression -- confirm. */
00505     bool canCompress() const;
00506 
          /** Capability query; presumably whether the provider can send the host name to the peer -- confirm. */
00513     bool canSetHostName() const;
00514 
          /** Returns the value configured through setCompressionEnabled() (presumably; confirm). */
00522     bool compressionEnabled() const;
00523 
          /**
           * Enables or disables compression. Compressing before encryption can
           * leak plaintext through ciphertext length (the CRIME class of attacks),
           * so leave this off when secrets share a stream with attacker-influenced
           * data.
           */
00530     void setCompressionEnabled(bool b);
00531 
          /** Returns a host name; presumably the one passed to startClient() or received from the peer -- confirm. */
00536     QString hostName() const;
00537 
          /**
           * Starts the layer in client mode.
           *
           * \a host defaults to an empty string. NOTE(review): presumably the host
           * name is what peerIdentityResult() compares the peer certificate
           * against; confirm what the identity check returns when it is left
           * empty, and pass the intended host name in callers.
           */
00557     void startClient(const QString &host = QString());
00558 
          /** Starts the layer in server mode. */
00562     void startServer();
00563 
          /**
           * Presumably resumes processing after one of the step signals below
           * (hostNameReceived, certificateRequested, peerCertificateAvailable,
           * handshaken) -- confirm. If so, this is where the caller commits to the
           * peer after its own checks.
           */
00573     void continueAfterStep();
00574 
          /** Reports whether the handshake has completed (presumably; confirm exact timing relative to handshaken()). */
00582     bool isHandshaken() const;
00583 
          /** Reports whether compression was negotiated for the current session (presumably; confirm). */
00589     bool isCompressed() const;
00590 
          /** Returns the protocol Version in use; compare against the versions the caller is willing to accept. */
00594     Version version() const;
00595 
          /** Returns the name of the negotiated cipher suite (presumably; confirm). */
00602     QString cipherSuite() const;
00603 
          /** Returns a bit count for the cipher in use; presumably the effective key strength -- confirm. */
00613     int cipherBits() const;
00614 
          /** Returns a bit count; presumably the maximum strength of the cipher as opposed to the effective one -- confirm. */
00621     int cipherMaxBits() const;
00622 
          /** Returns the TLSSession of this connection; presumably resumption state, to be handled as sensitive -- confirm. */
00627     TLSSession session() const;
00628 
          /** Returns the Error category of the last failure. */
00634     Error errorCode() const;
00635 
          /**
           * Returns the result of the peer identity check. Callers should require
           * Valid before sending or trusting application data; presumably the
           * value is only meaningful once the handshake has completed -- confirm.
           */
00653     IdentityResult peerIdentityResult() const;
00654 
          /**
           * Returns the Validity of the peer certificate. Presumably this gives the
           * detailed reason behind an InvalidCertificate identity result -- confirm.
           */
00663     Validity peerCertificateValidity() const;
00664 
          /** Returns the local certificate chain. */
00669     CertificateChain localCertificateChain() const;
00670 
          /** Returns the local PrivateKey by value; callers should not log or persist it. */
00675     PrivateKey localPrivateKey() const;
00676 
          /** Returns the certificate chain presented by the peer. */
00681     CertificateChain peerCertificateChain() const;
00682 
00683     // reimplemented
00684     virtual bool isClosable() const;
00685     virtual int bytesAvailable() const;
00686     virtual int bytesOutgoingAvailable() const;
00687     virtual void close();
00688     virtual void write(const QByteArray &a);
00689     virtual QByteArray read();
00690     virtual void writeIncoming(const QByteArray &a);
00691     virtual QByteArray readOutgoing(int *plainBytes = 0);
00692     virtual QByteArray readUnprocessed();
00693     virtual int convertBytesWritten(qint64 encryptedBytes);
00694 
          /** Presumably the datagram-mode counterpart of bytesAvailable() -- confirm. */
00701     int packetsAvailable() const;
00702 
          /** Presumably the datagram-mode counterpart of bytesOutgoingAvailable() -- confirm. */
00709     int packetsOutgoingAvailable() const;
00710 
          /** Returns the packet MTU; presumably only relevant in Datagram mode -- confirm. */
00716     int packetMTU() const;
00717 
          /**
           * Sets the packet MTU to \a size.
           * NOTE(review): this setter is declared const; the state it changes is
           * presumably held behind d. Confirm that the qualifier is intentional.
           */
00725     void setPacketMTU(int size) const;
00726 
00727 Q_SIGNALS:
          /** Presumably emitted in server mode when the client's requested host name is known -- confirm. */
00739     void hostNameReceived();
00740 
          /** Presumably emitted in client mode when the server asks for a client certificate -- confirm. */
00752     void certificateRequested();
00753 
          /**
           * Presumably emitted when the peer certificate can be inspected, before
           * the handshake finishes -- confirm. If so, this is the earliest point
           * for the caller's own certificate policy checks.
           */
00764     void peerCertificateAvailable();
00765 
          /** Presumably emitted when the handshake has completed -- confirm whether continueAfterStep() is still required afterwards. */
00777     void handshaken();
00778 
00779 protected:
          /** Same name and signature as QObject's connection hook; presumably used to learn which step signals have listeners -- confirm. */
00786     void connectNotify(const char *signal);
00787 
          /** Counterpart of connectNotify() for disconnections. */
00794     void disconnectNotify(const char *signal);
00795 
00796 private:
00797     Q_DISABLE_COPY(TLS)
00798 
          // Opaque implementation (pimpl); the definition and the lifetime handling of d are not visible in this header.
00799     class Private;
00800     friend class Private;
00801     Private *d;
00802 };
00803 
/**
 * SASL layer: a SecureLayer that is also an Algorithm. It is configured with
 * AuthFlags and a strength constraint, started with startClient() or
 * startServer(), and then driven step by step through the signals and the
 * put / set / continueAfter methods declared below.
 *
 * NOTE(review): the member doc comments are missing from this listing.
 * Statements marked "presumably" are inferred from names and must be confirmed
 * against the upstream QCA documentation.
 *
 * Security-relevant points visible in this declaration:
 *  - AuthFlags contains opt-in flags named AllowPlain and AllowAnonymous.
 *  - setConstraints(AuthFlags, SecurityLevel) defaults the level to SL_None.
 *  - The password is passed as SecureArray; user name, authzid and realm are
 *    passed as QString.
 *  - Unlike TLS, this class does not reimplement isClosable(), close() or
 *    readUnprocessed(), so the SecureLayer base versions apply.
 *
 * Copying is disabled through Q_DISABLE_COPY; state lives behind the private
 * implementation pointer d.
 */
00831 class QCA_EXPORT SASL : public SecureLayer, public Algorithm
00832 {
00833     Q_OBJECT
00834 public:
          /** Failure categories returned by errorCode(). Meanings below are inferred from the names -- confirm. */
00838     enum Error
00839     {
00840         ErrorInit,      ///< presumably: the provider failed to initialise
00841         ErrorHandshake, ///< presumably: the authentication exchange failed; see authCondition()
00842         ErrorCrypt      ///< presumably: a failure in the security layer after authentication
00843     };
00844 
          /** Reasons for an authentication failure, returned by authCondition(). Meanings below are inferred from the names -- confirm. */
00848     enum AuthCondition
00849     {
00850         AuthFail,          ///< presumably: generic authentication failure
00851         NoMechanism,       ///< presumably: no mechanism satisfied the configured constraints
00852         BadProtocol,       ///< presumably: malformed or unexpected protocol data
00853         BadServer,         ///< presumably: the server failed mutual authentication
00854         BadAuth,           ///< presumably: credentials were rejected
00855         NoAuthzid,         ///< presumably: the requested authorization identity was not permitted
00856         TooWeak,           ///< presumably: the mechanism is weaker than required
00857         NeedEncrypt,       ///< presumably: the mechanism requires an encrypted channel
00858         Expired,           ///< presumably: the credentials have expired
00859         Disabled,          ///< presumably: the account is disabled
00860         NoUser,            ///< presumably: the user does not exist
00861         RemoteUnavailable  ///< presumably: a remote authentication service was unreachable
00862     };
00863 
          /**
           * Mechanism-selection flags for setConstraints(). The values are distinct
           * bits, so they are evidently meant to be OR-ed together; because the
           * parameter type is the enum itself, a combined value has to be cast back
           * to AuthFlags in C++.
           *
           * AllowPlain and AllowAnonymous widen what is accepted and are off in
           * AuthFlagsNone. NOTE(review): presumably AllowPlain admits mechanisms
           * that send the password unprotected and AllowAnonymous admits
           * unauthenticated sessions; enable them only where an outer encrypted
           * channel or the deployment policy makes that acceptable -- confirm.
           */
00867     enum AuthFlags
00868     {
00869         AuthFlagsNone          = 0x00,
00870         AllowPlain             = 0x01,
00871         AllowAnonymous         = 0x02,
00872         RequireForwardSecrecy  = 0x04,
00873         RequirePassCredentials = 0x08,
00874         RequireMutualAuth      = 0x10,
00875         RequireAuthzidSupport  = 0x20  // server-only
00876     };
00877 
          /** Client behaviour for the first message; the mode argument of startClient(), which defaults to AllowClientSendFirst. */
00881     enum ClientSendMode
00882     {
00883         AllowClientSendFirst,
00884         DisableClientSendFirst
00885     };
00886 
          /** Server behaviour for the last message; the mode argument of startServer(), which defaults to DisableServerSendLast. */
00890     enum ServerSendMode
00891     {
00892         AllowServerSendLast,
00893         DisableServerSendLast
00894     };
00895 
          /**
           * Copyable value describing which parameters a mechanism wants; delivered
           * through the needParams() signal. It exposes four boolean queries that
           * mirror the four constructor arguments.
           */
00906     class QCA_EXPORT Params
00907     {
00908     public:
00909         Params();
00910 
              /** Constructs the value from four flags, in the order user, authzid, pass, realm. */
00922         Params(bool user, bool authzid, bool pass, bool realm);
00923 
              /** Copy constructor. */
00929         Params(const Params &from);
00930         ~Params();
00931 
              /** Copy assignment; returns a reference to this object. */
00937         Params & operator=(const Params &from);
00938 
              /** Presumably true when a user name must be supplied with setUsername() -- confirm. */
00942         bool needUsername() const;
00943 
              /** Presumably true when an authorization identity may be supplied with setAuthzid() -- confirm. */
00947         bool canSendAuthzid() const;
00948 
              /** Presumably true when a password must be supplied with setPassword() -- confirm. */
00952         bool needPassword() const;
00953 
              /** Presumably true when a realm may be supplied with setRealm() -- confirm. */
00957         bool canSendRealm() const;
00958 
00959     private:
              // Opaque implementation (pimpl); not visible in this header.
00960         class Private;
00961         Private *d;
00962     };
00963 
          /**
           * Constructs a SASL object. \a parent defaults to null. \a provider
           * defaults to an empty string; presumably that lets the library choose
           * the backend -- confirm.
           */
00972     explicit SASL(QObject *parent = 0, const QString &provider = QString());
00973 
00974     ~SASL();
00975 
          /** Presumably returns the object to its initial state so it can be reused -- confirm what configuration survives. */
00979     void reset();
00980 
          /**
           * Sets the mechanism flags and the required strength as a SecurityLevel.
           * The level defaults to SL_None; callers that rely on SASL for
           * confidentiality or integrity should pass an explicit level.
           */
00993     void setConstraints(AuthFlags f, SecurityLevel s = SL_None);
00994 
          /**
           * Sets the mechanism flags and a numeric strength range. Presumably SSF
           * means "security strength factor" in bits -- confirm.
           */
01010     void setConstraints(AuthFlags f, int minSSF, int maxSSF);
01011 
          /** Records the local endpoint address and port; presumably required by some mechanisms -- confirm. */
01018     void setLocalAddress(const QString &addr, quint16 port);
01019 
          /** Records the remote endpoint address and port; presumably required by some mechanisms -- confirm. */
01026     void setRemoteAddress(const QString &addr, quint16 port);
01027 
          /**
           * Sets an externally established authentication id. Presumably this is an
           * identity proven by an outer layer such as TLS; it should only be set
           * from a value that layer has actually verified -- confirm.
           */
01033     void setExternalAuthId(const QString &authid);
01034 
          /**
           * Sets an external strength value. Presumably the strength already
           * provided by an outer layer, counted towards the constraints; overstating
           * it would weaken mechanism selection -- confirm.
           */
01041     void setExternalSSF(int strength);
01042 
          /**
           * Starts the exchange in client mode for \a service on \a host, choosing
           * from \a mechlist. \a mode defaults to AllowClientSendFirst.
           * NOTE(review): \a mechlist presumably comes from the server and is
           * therefore untrusted until the exchange is protected; the configured
           * AuthFlags are what limit the selection -- confirm.
           */
01054     void startClient(const QString &service, const QString &host, const QStringList &mechlist, ClientSendMode mode = AllowClientSendFirst);
01055 
          /** Starts the exchange in server mode for \a service, \a host and \a realm. \a mode defaults to DisableServerSendLast. */
01067     void startServer(const QString &service, const QString &host, const QString &realm, ServerSendMode mode = DisableServerSendLast);
01068 
          /** Server side: supplies the mechanism chosen by the client, without initial client data (presumably; confirm). */
01078     void putServerFirstStep(const QString &mech);
01079 
          /** Server side: as above, with the client's initial data in \a clientInit. That data is peer input. */
01090     void putServerFirstStep(const QString &mech, const QByteArray &clientInit);
01091 
          /** Feeds the next message of the exchange, received from the peer, into the layer. */
01101     void putStep(const QByteArray &stepData);
01102 
          /** Returns the mechanism name; presumably the one selected for this exchange -- confirm. */
01106     QString mechanism() const;
01107 
          /** Returns a list of mechanism names; presumably those the server side offers -- confirm. */
01111     QStringList mechanismList() const;
01112 
          /** Returns a list of realm names; presumably those offered by the server -- confirm. */
01116     QStringList realmList() const;
01117 
          /**
           * Returns an integer strength value; presumably the negotiated security
           * strength factor, which callers can compare with what they require -- confirm.
           */
01121     int ssf() const;
01122 
          /** Returns the Error category of the last failure. */
01126     Error errorCode() const;
01127 
          /** Returns the AuthCondition; presumably meaningful when errorCode() is ErrorHandshake -- confirm. */
01131     AuthCondition authCondition() const;
01132 
          /** Supplies the user name (authentication identity). */
01138     void setUsername(const QString &user);
01139 
          /** Supplies the authorization identity. */
01145     void setAuthzid(const QString &auth);
01146 
          /**
           * Supplies the password. The parameter type is SecureArray (declared
           * outside this header) rather than QString or QByteArray; callers should
           * keep the password in that type instead of converting it through
           * ordinary strings on the way in.
           */
01152     void setPassword(const SecureArray &pass);
01153 
          /** Supplies the realm. */
01159     void setRealm(const QString &realm);
01160 
          /** Presumably resumes the exchange after needParams() has been answered with the setters above -- confirm. */
01164     void continueAfterParams();
01165 
          /**
           * Presumably resumes the exchange after authCheck(), i.e. the server-side
           * caller approves the user/authzid pair by calling this -- confirm. If so,
           * the authorization decision must be made before the call.
           */
01169     void continueAfterAuthCheck();
01170 
01171     // reimplemented
01172     virtual int bytesAvailable() const;
01173     virtual int bytesOutgoingAvailable() const;
01174     virtual void write(const QByteArray &a);
01175     virtual QByteArray read();
01176     virtual void writeIncoming(const QByteArray &a);
01177     virtual QByteArray readOutgoing(int *plainBytes = 0);
01178     virtual int convertBytesWritten(qint64 encryptedBytes);
01179 
01180 Q_SIGNALS:
          /** Client side: reports the start of the exchange; \a clientInit says whether \a clientInitData is to be sent (presumably; confirm). */
01193     void clientStarted(bool clientInit, const QByteArray &clientInitData);
01194 
          /** Server side: reports the start of the exchange. */
01199     void serverStarted();
01200 
          /** Carries the next message of the exchange, presumably to be sent to the peer -- confirm. */
01208     void nextStep(const QByteArray &stepData);
01209 
          /** Reports which parameters are wanted; answer with the set*() methods and continueAfterParams() (presumably; confirm). */
01220     void needParams(const QCA::SASL::Params &params);
01221 
          /**
           * Server side: presents \a user and \a authzid for an authorization
           * decision. Both strings originate from the peer and should be validated
           * before they are used in lookups or logs.
           */
01231     void authCheck(const QString &user, const QString &authzid);
01232 
          /** Presumably emitted when authentication has succeeded -- confirm. */
01236     void authenticated();
01237 
01238 private:
01239     Q_DISABLE_COPY(SASL)
01240 
          // Opaque implementation (pimpl); the definition and the lifetime handling of d are not visible in this header.
01241     class Private;
01242     friend class Private;
01243     Private *d;
01244 };
01245 
01246 }
01247 
01248 #endif
