1 /*
2  * qcaprovider.h - QCA Plugin API
3  * Copyright (C) 2003-2007 Justin Karneges <justin@affinix.com>
4  * Copyright (C) 2004,2005 Brad Hards <bradh@frogmouth.net>
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19  * 02110-1301 USA
20  *
21  */
22 
33 #ifndef QCAPROVIDER_H
34 #define QCAPROVIDER_H
35 
36 #include "qca_basic.h"
37 #include "qca_cert.h"
38 #include "qca_core.h"
39 #include "qca_keystore.h"
40 #include "qca_publickey.h"
41 #include "qca_securelayer.h"
42 #include "qca_securemessage.h"
43 
44 #include <limits>
45 
46 #ifndef DOXYGEN_NO_PROVIDER_API
47 
class QCA_EXPORT QCAPlugin
{
public:
    /**
       Destructs the object.

       Virtual so that a plugin instance may be destroyed through a
       QCAPlugin pointer.
    */
    virtual ~QCAPlugin() = default;

    /**
       Returns a newly allocated Provider instance.
    */
    virtual QCA::Provider *createProvider() = 0;
};
97 
// Associates the interface identifier string with QCAPlugin so that Qt's
// plugin loader (and qobject_cast) can recognise objects implementing it.
Q_DECLARE_INTERFACE(QCAPlugin, "com.affinix.qca.Plugin/1.0")
99 
100 namespace QCA {
101 
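class QCA_EXPORT InfoContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    InfoContext(Provider *p)
        : BasicContext(p, QStringLiteral("info"))
    {
    }

    /**
       The hash algorithms supported by the provider.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual QStringList supportedHashTypes() const;

    /**
       The cipher algorithms supported by the provider.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual QStringList supportedCipherTypes() const;

    /**
       The MAC algorithms supported by the provider.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual QStringList supportedMACTypes() const;
};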
141 
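class QCA_EXPORT RandomContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    RandomContext(Provider *p)
        : BasicContext(p, QStringLiteral("random"))
    {
    }

    /**
       Return the next \a size bytes of random data.

       Providers are expected to back this with a cryptographically
       secure generator; nothing in this interface lets a caller tell a
       weak source apart from a strong one.

       \param size the number of bytes to produce
    */
    virtual SecureArray nextBytes(int size) = 0;
};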
173 
class QCA_EXPORT HashContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the name of the hash algorithm this context implements
    */
    HashContext(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Reset the object to its initial state.
    */
    virtual void clear() = 0;

    /**
       Process a chunk of data.

       \param a the data to add to the hash
    */
    virtual void update(const MemoryRegion &a) = 0;

    /**
       Complete the hash and return the digest.
    */
    virtual MemoryRegion final() = 0;
};
216 
class QCA_EXPORT CipherContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the name of the cipher (algorithm, mode and padding)
       this context implements
    */
    CipherContext(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Set up the object for encrypt/decrypt.

       \param dir the direction of operation
       \param key the symmetric key to use
       \param iv the initialization vector
       \param tag the authentication tag; presumably only meaningful for
       authenticated modes when decrypting — confirm against providers
    */
    virtual void setup(Direction dir, const SymmetricKey &key, const InitializationVector &iv, const AuthTag &tag) = 0;

    /**
       Returns the KeyLength for this cipher.
    */
    virtual KeyLength keyLength() const = 0;

    /**
       Returns the block size for this cipher.
    */
    virtual int blockSize() const = 0;

    /**
       Returns the authentication tag for this cipher.
    */
    virtual AuthTag tag() const = 0;

    /**
       Process a chunk of data.

       \param in the input data
       \param out receives the processed output
       \return true on success; false presumably indicates a failure the
       caller must treat as fatal for the operation
    */
    virtual bool update(const SecureArray &in, SecureArray *out) = 0;

    /**
       Complete the operation, writing any final output to \a out.

       \param out receives the final output
       \return true on success; a false result (e.g. bad padding or a tag
       mismatch in authenticated modes) means the output must not be used
    */
    virtual bool final(SecureArray *out) = 0;
};
285 
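class QCA_EXPORT MACContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the name of the MAC algorithm this context implements
    */
    MACContext(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Set up the object for hashing with the given key.

       \param key the symmetric key to use
    */
    virtual void setup(const SymmetricKey &key) = 0;

    /**
       Returns the KeyLength for this MAC.
    */
    virtual KeyLength keyLength() const = 0;

    /**
       Process a chunk of data.

       \param in the data to add to the MAC
    */
    virtual void update(const MemoryRegion &in) = 0;

    /**
       Complete the MAC and write the result to \a out.

       \param out receives the MAC value
    */
    virtual void final(MemoryRegion *out) = 0;

protected:
    /**
       Returns a KeyLength that accepts any key size.

       Intended for keyLength() implementations of algorithms that impose
       no restriction on key size.
    */
    KeyLength anyKeyLength() const
    {
        // this is used instead of a default implementation to make sure that
        // provider authors think about it, at least a bit.
        // See Meyers, Effective C++, Effective C++ (2nd Ed), Item 36
        //
        // The upper bound comes from <limits>, which this header includes;
        // INT_MAX would depend on <climits> being pulled in transitively.
        return KeyLength(0, std::numeric_limits<int>::max(), 1);
    }
};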
349 
class QCA_EXPORT KDFContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the name of the key derivation function this context
       implements
    */
    KDFContext(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Create a key and return it.

       \param secret the secret (password) to derive from
       \param salt the salt to use
       \param keyLength the length of key to produce
       \param iterationCount the number of iterations to perform
    */
    virtual SymmetricKey makeKey(const SecureArray &secret,
                                 const InitializationVector &salt,
                                 unsigned int keyLength,
                                 unsigned int iterationCount) = 0;

    /**
       Create a key and return it, choosing the iteration count by time.

       \param secret the secret (password) to derive from
       \param salt the salt to use
       \param keyLength the length of key to produce
       \param msecInterval the time budget, in milliseconds, for the
       derivation
       \param iterationCount receives the number of iterations actually
       performed (presumably so the caller can persist it for later
       re-derivation — confirm against providers)
    */
    virtual SymmetricKey makeKey(const SecureArray &secret,
                                 const InitializationVector &salt,
                                 unsigned int keyLength,
                                 int msecInterval,
                                 unsigned int *iterationCount) = 0;
};
404 
class QCA_EXPORT HKDFContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the name of the HKDF variant this context implements
    */
    HKDFContext(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Create a key and return it.

       \param secret the input keying material
       \param salt the salt to use
       \param info the context/application-specific info
       \param keyLength the length of key to produce
    */
    virtual SymmetricKey makeKey(const SecureArray &secret,
                                 const InitializationVector &salt,
                                 const InitializationVector &info,
                                 unsigned int keyLength) = 0;
};
443 
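class QCA_EXPORT DLGroupContext : public Provider::Context
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    DLGroupContext(Provider *p)
        : Provider::Context(p, QStringLiteral("dlgroup"))
    {
    }

    /**
       The DLGroupSets supported by this object.
    */
    virtual QList<DLGroupSet> supportedGroupSets() const = 0;

    /**
       Returns true if there is a result to obtain.
    */
    virtual bool isNull() const = 0;

    /**
       Attempt to create P, Q, and G values from the specified group set.

       \param set the group set to use
       \param block whether to perform the operation synchronously; in
       non-blocking mode, finished() is emitted on completion
    */
    virtual void fetchGroup(DLGroupSet set, bool block) = 0;

    /**
       Obtain the result of the operation.

       \param p receives the P value
       \param q receives the Q value
       \param g receives the G value
    */
    virtual void getResult(BigInteger *p, BigInteger *q, BigInteger *g) const = 0;

Q_SIGNALS:
    /**
       Emitted when the fetchGroup() operation completes in non-blocking
       mode.
    */
    void finished();
};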
510 
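class QCA_EXPORT PKeyBase : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor (defined out of line).

       \param p the Provider this context belongs to
       \param type the key type this context implements
    */
    PKeyBase(Provider *p, const QString &type);

    /**
       Returns true if this object is not yet holding a key.
    */
    virtual bool isNull() const = 0;

    /**
       Returns the type of public key this object represents.
    */
    virtual PKey::Type type() const = 0;

    /**
       Returns true if this is a private key, otherwise false.
    */
    virtual bool isPrivate() const = 0;

    /**
       Returns true if the key can be exported (serialised) by the
       provider, otherwise false.
    */
    virtual bool canExport() const = 0;

    /**
       Convert this private key into a public key, discarding the
       private component.
    */
    virtual void convertToPublic() = 0;

    /**
       Returns the number of bits in the key.
    */
    virtual int bits() const = 0;

    /**
       Returns the maximum number of bytes that can be encrypted with
       this key using the given algorithm.

       Not pure virtual: a default implementation is provided out of line.

       \param alg the encryption algorithm to consider
    */
    virtual int maximumEncryptSize(EncryptionAlgorithm alg) const;

    /**
       Encrypt data.

       Not pure virtual: a default implementation is provided out of line.

       \param in the data to encrypt
       \param out receives the ciphertext
       \param alg the encryption algorithm to use
       \return true on success, otherwise false
    */
    virtual bool encrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg);

    /**
       Decrypt data.

       Not pure virtual: a default implementation is provided out of line.

       \param in the data to decrypt
       \param out receives the plaintext
       \param alg the encryption algorithm to use
       \return true on success, otherwise false
    */
    virtual bool decrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg);

    /**
       Begin a signing operation.

       \param alg the signature algorithm to use
       \param format the signature format to produce
    */
    virtual void startSign(SignatureAlgorithm alg, SignatureFormat format);

    /**
       Begin a verification operation.

       \param alg the signature algorithm to use
       \param format the signature format expected
    */
    virtual void startVerify(SignatureAlgorithm alg, SignatureFormat format);

    /**
       Process a chunk of data for the signing or verification in
       progress.

       \param in the data to process
    */
    virtual void update(const MemoryRegion &in);

    /**
       Complete the signing operation and return the signature.
    */
    virtual QByteArray endSign();

    /**
       Complete the verification operation.

       \param sig the signature to check against the processed data
       \return true if the signature is valid, otherwise false
    */
    virtual bool endVerify(const QByteArray &sig);

    /**
       Compute a shared symmetric key from this key and the other party's
       key (key-agreement key types).

       \param theirs the other party's key
    */
    virtual SymmetricKey deriveKey(const PKeyBase &theirs);

Q_SIGNALS:
    /**
       Emitted when a non-blocking key generation operation completes.
    */
    void finished();
};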
654 
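class QCA_EXPORT RSAContext : public PKeyBase
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    RSAContext(Provider *p)
        : PKeyBase(p, QStringLiteral("rsa"))
    {
    }

    /**
       Generate an RSA private key.

       \param bits the key size in bits
       \param exp the public exponent
       \param block whether to generate synchronously; in non-blocking
       mode, finished() is presumably emitted on completion — confirm
       against providers
    */
    virtual void createPrivate(int bits, int exp, bool block) = 0;

    /**
       Create an RSA private key based on its numeric components.

       \param n the modulus
       \param e the public exponent
       \param p the first prime factor
       \param q the second prime factor
       \param d the private exponent
    */
    virtual void createPrivate(const BigInteger &n,
                               const BigInteger &e,
                               const BigInteger &p,
                               const BigInteger &q,
                               const BigInteger &d) = 0;

    /**
       Create an RSA public key based on its numeric components.

       \param n the modulus
       \param e the public exponent
    */
    virtual void createPublic(const BigInteger &n, const BigInteger &e) = 0;

    /**
       Returns the public N component (modulus) of this RSA key.
    */
    virtual BigInteger n() const = 0;

    /**
       Returns the public E component (exponent) of this RSA key.
    */
    virtual BigInteger e() const = 0;

    /**
       Returns the private P component of this RSA key.
    */
    virtual BigInteger p() const = 0;

    /**
       Returns the private Q component of this RSA key.
    */
    virtual BigInteger q() const = 0;

    /**
       Returns the private D component of this RSA key.
    */
    virtual BigInteger d() const = 0;
};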
744 
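class QCA_EXPORT DSAContext : public PKeyBase
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    DSAContext(Provider *p)
        : PKeyBase(p, QStringLiteral("dsa"))
    {
    }

    /**
       Generate a DSA private key.

       \param domain the discrete logarithm group to use
       \param block whether to generate synchronously; in non-blocking
       mode, finished() is presumably emitted on completion — confirm
       against providers
    */
    virtual void createPrivate(const DLGroup &domain, bool block) = 0;

    /**
       Create a DSA private key based on its numeric components.

       \param domain the discrete logarithm group
       \param y the public Y component
       \param x the private X component
    */
    virtual void createPrivate(const DLGroup &domain, const BigInteger &y, const BigInteger &x) = 0;

    /**
       Create a DSA public key based on its numeric components.

       \param domain the discrete logarithm group
       \param y the public Y component
    */
    virtual void createPublic(const DLGroup &domain, const BigInteger &y) = 0;

    /**
       Returns the public domain component of this DSA key.
    */
    virtual DLGroup domain() const = 0;

    /**
       Returns the public Y component of this DSA key.
    */
    virtual BigInteger y() const = 0;

    /**
       Returns the private X component of this DSA key.
    */
    virtual BigInteger x() const = 0;
};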
817 
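class QCA_EXPORT DHContext : public PKeyBase
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    DHContext(Provider *p)
        : PKeyBase(p, QStringLiteral("dh"))
    {
    }

    /**
       Generate a Diffie-Hellman private key.

       \param domain the discrete logarithm group to use
       \param block whether to generate synchronously; in non-blocking
       mode, finished() is presumably emitted on completion — confirm
       against providers
    */
    virtual void createPrivate(const DLGroup &domain, bool block) = 0;

    /**
       Create a Diffie-Hellman private key based on its numeric
       components.

       \param domain the discrete logarithm group
       \param y the public Y component
       \param x the private X component
    */
    virtual void createPrivate(const DLGroup &domain, const BigInteger &y, const BigInteger &x) = 0;

    /**
       Create a Diffie-Hellman public key based on its numeric components.

       \param domain the discrete logarithm group
       \param y the public Y component
    */
    virtual void createPublic(const DLGroup &domain, const BigInteger &y) = 0;

    /**
       Returns the public domain component of this Diffie-Hellman key.
    */
    virtual DLGroup domain() const = 0;

    /**
       Returns the public Y component of this Diffie-Hellman key.
    */
    virtual BigInteger y() const = 0;

    /**
       Returns the private X component of this Diffie-Hellman key.
    */
    virtual BigInteger x() const = 0;
};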
892 
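class QCA_EXPORT PKeyContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    PKeyContext(Provider *p)
        : BasicContext(p, QStringLiteral("pkey"))
    {
    }

    /**
       Returns a list of supported public key types.
    */
    virtual QList<PKey::Type> supportedTypes() const = 0;

    /**
       Returns a list of public key types that can be serialised and
       deserialised into DER and PEM format.
    */
    virtual QList<PKey::Type> supportedIOTypes() const = 0;

    /**
       Returns a list of password-based encryption algorithms that are
       supported for private key serialisation and deserialisation.
    */
    virtual QList<PBEAlgorithm> supportedPBEAlgorithms() const = 0;

    /**
       Returns the key held by this object, or 0 if there is no key.
    */
    virtual PKeyBase *key() = 0;

    /**
       Returns the key held by this object, or 0 if there is no key.
    */
    virtual const PKeyBase *key() const = 0;

    /**
       Sets the key for this object.

       \param key the key to hold; ownership semantics are not visible
       here — confirm against the library's callers
    */
    virtual void setKey(PKeyBase *key) = 0;

    /**
       Attempt to import a key from another provider.

       \param key the key to import
       \return true on success, otherwise false
    */
    virtual bool importKey(const PKeyBase *key) = 0;

    /**
       Convert a public key to DER format, and return the value.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual QByteArray publicToDER() const;

    /**
       Convert a public key to PEM format, and return the value.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual QString publicToPEM() const;

    /**
       Read DER-formatted public key input and convert it into this object.

       \param a the input data
    */
    virtual ConvertResult publicFromDER(const QByteArray &a);

    /**
       Read PEM-formatted public key input and convert it into this object.

       \param s the input text
    */
    virtual ConvertResult publicFromPEM(const QString &s);

    /**
       Convert a private key to DER format, and return the value.

       \param passphrase the passphrase to encrypt the key with; an empty
       passphrase presumably means no encryption — confirm against
       providers
       \param pbe the password-based encryption algorithm to use
    */
    virtual SecureArray privateToDER(const SecureArray &passphrase, PBEAlgorithm pbe) const;

    /**
       Convert a private key to PEM format, and return the value.

       \param passphrase the passphrase to encrypt the key with; an empty
       passphrase presumably means no encryption — confirm against
       providers
       \param pbe the password-based encryption algorithm to use
    */
    virtual QString privateToPEM(const SecureArray &passphrase, PBEAlgorithm pbe) const;

    /**
       Read DER-formatted private key input and convert it into this
       object.

       \param a the input data
       \param passphrase the passphrase to decrypt the key with, if any
    */
    virtual ConvertResult privateFromDER(const SecureArray &a, const SecureArray &passphrase);

    /**
       Read PEM-formatted private key input and convert it into this
       object.

       \param s the input text
       \param passphrase the passphrase to decrypt the key with, if any
    */
    virtual ConvertResult privateFromPEM(const QString &s, const SecureArray &passphrase);
};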
1049 
class QCA_EXPORT CertBase : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the context type name
    */
    CertBase(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Convert this object to DER format, and return the value.
    */
    virtual QByteArray toDER() const = 0;

    /**
       Convert this object to PEM format, and return the value.
    */
    virtual QString toPEM() const = 0;

    /**
       Read DER-formatted input and convert it into this object.

       \param a the input data
    */
    virtual ConvertResult fromDER(const QByteArray &a) = 0;

    /**
       Read PEM-formatted input and convert it into this object.

       \param s the input text
    */
    virtual ConvertResult fromPEM(const QString &s) = 0;
};
1110 
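class QCA_EXPORT CertContextProps
{
public:
    // None of these fields has an initializer: a provider filling in this
    // structure must set every one (isCA, isSelfSigned and pathLimit in
    // particular are presumably consulted during chain validation, so an
    // unset value would be read as garbage).

    /**
       The X.509 certificate version, usually 3.
    */
    int version;

    /**
       The time the certificate becomes valid (often the time of creation).
    */
    QDateTime start;

    /**
       The time the certificate expires.
    */
    QDateTime end;

    /**
       The subject information.
    */
    CertificateInfoOrdered subject;

    /**
       The issuer information.
    */
    CertificateInfoOrdered issuer;

    /**
       The constraints.
    */
    Constraints constraints;

    /**
       The policies.
    */
    QStringList policies;

    /**
       A list of URIs for CRLs.
    */
    QStringList crlLocations;

    /**
       A list of URIs for issuer certificates.
    */
    QStringList issuerLocations;

    /**
       A list of URIs for OCSP services.
    */
    QStringList ocspLocations;

    /**
       The certificate serial number.
    */
    BigInteger serial;

    /**
       True if the certificate is a CA or the certificate request is
       requesting to be a CA.
    */
    bool isCA;

    /**
       True if the certificate is self-signed.
    */
    bool isSelfSigned;

    /**
       The path limit.
    */
    int pathLimit;

    /**
       The signature data.
    */
    QByteArray sig;

    /**
       The signature algorithm used to create the signature.
    */
    SignatureAlgorithm sigalgo;

    /**
       The subject id.
    */
    QByteArray subjectId;

    /**
       The issuer id.
    */
    QByteArray issuerId;

    /**
       The SPKAC challenge value.
    */
    QString challenge;

    /**
       The format used for the certificate request.
    */
    CertificateRequestFormat format;
};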
1255 
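class QCA_EXPORT CRLContextProps
{
public:
    // No field has an initializer; a provider must set every one.

    /**
       The issuer information of the CRL.
    */
    CertificateInfoOrdered issuer;

    /**
       The CRL number, which increases at each update.
    */
    int number;

    /**
       The time this CRL was created.
    */
    QDateTime thisUpdate;

    /**
       The time this CRL expires, and the next CRL should be fetched.
    */
    QDateTime nextUpdate;

    /**
       The revoked entries.
    */
    QList<CRLEntry> revoked;

    /**
       The signature data of the CRL.
    */
    QByteArray sig;

    /**
       The signature algorithm used by the issuer to sign the CRL.
    */
    SignatureAlgorithm sigalgo;

    /**
       The issuer id.
    */
    QByteArray issuerId;
};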
1311 
1312 class CRLContext;
1313 
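class QCA_EXPORT CertContext : public CertBase
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    CertContext(Provider *p)
        : CertBase(p, QStringLiteral("cert"))
    {
    }

    /**
       Create a self-signed certificate based on the given options and
       private key.

       \param opts the options to use
       \param priv the private key to sign with
       \return true on success, otherwise false
    */
    virtual bool createSelfSigned(const CertificateOptions &opts, const PKeyContext &priv) = 0;

    /**
       Returns a pointer to the properties of this certificate.
    */
    virtual const CertContextProps *props() const = 0;

    /**
       Returns true if this certificate is equal to another certificate,
       otherwise false.

       \param other the certificate to compare with
    */
    virtual bool compare(const CertContext *other) const = 0;

    /**
       Returns a copy of this certificate's public key.
    */
    virtual PKeyContext *subjectPublicKey() const = 0;

    /**
       Returns true if this certificate is an issuer of another
       certificate, otherwise false.

       \param other the certificate to check
    */
    virtual bool isIssuerOf(const CertContext *other) const = 0;

    /**
       Validate this certificate.

       \param trusted the trusted certificates (anchors)
       \param untrusted additional, untrusted certificates that may be
       used to build a chain
       \param crls the certificate revocation lists to consult
       \param u the intended usage of the certificate
       \param vf flags controlling validation
    */
    virtual Validity validate(const QList<CertContext *> &trusted,
                              const QList<CertContext *> &untrusted,
                              const QList<CRLContext *> &crls,
                              UsageMode u,
                              ValidateFlags vf) const = 0;

    /**
       Validate a certificate chain.

       \param chain the chain to validate
       \param trusted the trusted certificates (anchors)
       \param crls the certificate revocation lists to consult
       \param u the intended usage of the certificate
       \param vf flags controlling validation
    */
    virtual Validity validate_chain(const QList<CertContext *> &chain,
                                    const QList<CertContext *> &trusted,
                                    const QList<CRLContext *> &crls,
                                    UsageMode u,
                                    ValidateFlags vf) const = 0;
};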
1416 
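class QCA_EXPORT CSRContext : public CertBase
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    CSRContext(Provider *p)
        : CertBase(p, QStringLiteral("csr"))
    {
    }

    /**
       Returns true if the provider of this object supports the specified
       format, otherwise false.

       \param f the format to check
    */
    virtual bool canUseFormat(CertificateRequestFormat f) const = 0;

    /**
       Create a certificate request based on the given options and
       private key.

       \param opts the options to use
       \param priv the private key to sign the request with
       \return true on success, otherwise false
    */
    virtual bool createRequest(const CertificateOptions &opts, const PKeyContext &priv) = 0;

    /**
       Returns a pointer to the properties of this certificate request.
    */
    virtual const CertContextProps *props() const = 0;

    /**
       Returns true if this certificate request is equal to another
       certificate request, otherwise false.

       \param other the request to compare with
    */
    virtual bool compare(const CSRContext *other) const = 0;

    /**
       Returns a copy of this certificate request's public key.
    */
    virtual PKeyContext *subjectPublicKey() const = 0;

    /**
       Convert this certificate request to Netscape SPKAC format, and
       return the value.
    */
    virtual QString toSPKAC() const = 0;

    /**
       Read Netscape SPKAC input and convert it into a certificate request.

       \param s the input text
    */
    virtual ConvertResult fromSPKAC(const QString &s) = 0;
};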
1501 
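class QCA_EXPORT CRLContext : public CertBase
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    CRLContext(Provider *p)
        : CertBase(p, QStringLiteral("crl"))
    {
    }

    /**
       Returns a pointer to the properties of this CRL.
    */
    virtual const CRLContextProps *props() const = 0;

    /**
       Returns true if this CRL is equal to another CRL, otherwise false.

       \param other the CRL to compare with
    */
    virtual bool compare(const CRLContext *other) const = 0;
};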
1538 
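class QCA_EXPORT CertCollectionContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    CertCollectionContext(Provider *p)
        : BasicContext(p, QStringLiteral("certcollection"))
    {
    }

    /**
       Create PKCS#7 DER output based on the input certificates and CRLs.

       \param certs the certificates to include
       \param crls the CRLs to include
    */
    virtual QByteArray toPKCS7(const QList<CertContext *> &certs, const QList<CRLContext *> &crls) const = 0;

    /**
       Read PKCS#7 DER input and convert it into a list of certificates
       and CRLs.

       \param a the input data
       \param certs receives the certificates found
       \param crls receives the CRLs found
    */
    virtual ConvertResult
    fromPKCS7(const QByteArray &a, QList<CertContext *> *certs, QList<CRLContext *> *crls) const = 0;
};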
1590 
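class QCA_EXPORT CAContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    CAContext(Provider *p)
        : BasicContext(p, QStringLiteral("ca"))
    {
    }

    /**
       Prepare the object for usage.

       \param cert the CA certificate
       \param priv the CA's private key
    */
    virtual void setup(const CertContext &cert, const PKeyContext &priv) = 0;

    /**
       Returns a copy of the CA's certificate.
    */
    virtual CertContext *certificate() const = 0;

    /**
       Issue a certificate based on a certificate request, and return the
       certificate.

       \param req the request to sign
       \param notValidAfter the expiry time of the issued certificate
    */
    virtual CertContext *signRequest(const CSRContext &req, const QDateTime &notValidAfter) const = 0;

    /**
       Issue a certificate based on a public key and options, and return
       the certificate.

       \param pub the public key to certify
       \param opts the options to use
    */
    virtual CertContext *createCertificate(const PKeyContext &pub, const CertificateOptions &opts) const = 0;

    /**
       Create a new CRL and return it.

       \param nextUpdate the time the next CRL should be expected
    */
    virtual CRLContext *createCRL(const QDateTime &nextUpdate) const = 0;

    /**
       Update an existing CRL, by examining an old one and creating a new
       one based on it.

       \param crl the existing CRL
       \param entries the revoked entries for the new CRL
       \param nextUpdate the time the next CRL should be expected
    */
    virtual CRLContext *
    updateCRL(const CRLContext &crl, const QList<CRLEntry> &entries, const QDateTime &nextUpdate) const = 0;
};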
1672 
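class QCA_EXPORT PKCS12Context : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    PKCS12Context(Provider *p)
        : BasicContext(p, QStringLiteral("pkcs12"))
    {
    }

    /**
       Create PKCS#12 DER output based on a set of input items.

       \param name the friendly name of the data
       \param chain the certificate chain to store
       \param priv the private key to store
       \param passphrase the passphrase to protect the output with
    */
    virtual QByteArray toPKCS12(const QString &name,
                                const QList<const CertContext *> &chain,
                                const PKeyContext &priv,
                                const SecureArray &passphrase) const = 0;

    /**
       Read PKCS#12 DER input and convert it into a set of output items.

       \param in the input data
       \param passphrase the passphrase protecting the input
       \param name receives the friendly name of the data
       \param chain receives the certificate chain
       \param priv receives the private key; ownership of the new objects
       presumably passes to the caller — confirm against the library
    */
    virtual ConvertResult fromPKCS12(const QByteArray &in,
                                     const SecureArray &passphrase,
                                     QString *name,
                                     QList<CertContext *> *chain,
                                     PKeyContext **priv) const = 0;
};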
1732 
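class QCA_EXPORT PGPKeyContextProps
{
public:
    // No field has an initializer; a provider must set every one.

    /**
       The key id.
    */
    QString keyId;

    /**
       List of user id strings for the key.
    */
    QStringList userIds;

    /**
       True if the key is a secret key, otherwise false.
    */
    bool isSecret;

    /**
       The time the key was created.
    */
    QDateTime creationDate;

    /**
       The time the key expires.
    */
    QDateTime expirationDate;

    /**
       The hex fingerprint of the key.
    */
    QString fingerprint;

    /**
       True if the key is in a keyring, otherwise false.
    */
    bool inKeyring;

    /**
       True if the key is trusted, otherwise false.
    */
    bool isTrusted;
};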
1793 
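class QCA_EXPORT PGPKeyContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    PGPKeyContext(Provider *p)
        : BasicContext(p, QStringLiteral("pgpkey"))
    {
    }

    /**
       Returns a pointer to the properties of this key.
    */
    virtual const PGPKeyContextProps *props() const = 0;

    /**
       Convert this key to binary format, and return the value.
    */
    virtual QByteArray toBinary() const = 0;

    /**
       Convert this key to ascii-armored format, and return the value.
    */
    virtual QString toAscii() const = 0;

    /**
       Read binary input and convert it into this object.

       \param a the input data
    */
    virtual ConvertResult fromBinary(const QByteArray &a) = 0;

    /**
       Read ascii-armored input and convert it into this object.

       \param s the input text
    */
    virtual ConvertResult fromAscii(const QString &s) = 0;
};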
1853 
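class QCA_EXPORT KeyStoreEntryContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    KeyStoreEntryContext(Provider *p)
        : BasicContext(p, QStringLiteral("keystoreentry"))
    {
    }

    /**
       Returns the entry type.
    */
    virtual KeyStoreEntry::Type type() const = 0;

    /**
       Returns the entry id.
    */
    virtual QString id() const = 0;

    /**
       Returns the name of this entry.
    */
    virtual QString name() const = 0;

    /**
       Returns the id of the store that contains this entry.
    */
    virtual QString storeId() const = 0;

    /**
       Returns the name of the store that contains this entry.
    */
    virtual QString storeName() const = 0;

    /**
       Returns true if the private key of this entry is present for use.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual bool isAvailable() const;

    /**
       Serialise the entry to a string that can later be used to
       re-create it.
    */
    virtual QString serialize() const = 0;

    /**
       If this entry is a KeyBundle, returns it; otherwise a default one.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual KeyBundle keyBundle() const;

    /**
       If this entry is a Certificate, returns it; otherwise a default one.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual Certificate certificate() const;

    /**
       If this entry is a CRL, returns it; otherwise a default one.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual CRL crl() const;

    /**
       If this entry is a PGP secret key, returns it; otherwise a default
       one.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual PGPKey pgpSecretKey() const;

    /**
       If this entry is a PGP public key, returns it; otherwise a default
       one.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual PGPKey pgpPublicKey() const;

    /**
       Attempt to obtain access to the private key of this entry, e.g. by
       prompting for a passphrase or token.

       Not pure virtual: a default implementation is provided out of line.

       \return true if access was obtained, otherwise false
    */
    virtual bool ensureAccess();
};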
1962 
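class QCA_EXPORT KeyStoreListContext : public Provider::Context
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    KeyStoreListContext(Provider *p)
        : Provider::Context(p, QStringLiteral("keystorelist"))
    {
    }

    /**
       Starts the keystore provider.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual void start();

    /**
       Enables or disables update notifications (the updated() and
       storeUpdated() signals).

       Not pure virtual: a default implementation is provided out of line.

       \param enabled whether updates should be emitted
    */
    virtual void setUpdatesEnabled(bool enabled);

    /**
       Returns a list of integer context ids, each representing a
       keystore instance.
    */
    virtual QList<int> keyStores() = 0;

    /**
       Returns the type of the specified store.

       \param id the store id
    */
    virtual KeyStore::Type type(int id) const = 0;

    /**
       Returns the string id of the store.

       \param id the store id
    */
    virtual QString storeId(int id) const = 0;

    /**
       Returns the friendly name of the store.

       \param id the store id
    */
    virtual QString name(int id) const = 0;

    /**
       Returns true if the store is read-only.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
    */
    virtual bool isReadOnly(int id) const;

    /**
       Returns the types supported by the store.

       \param id the store id
    */
    virtual QList<KeyStoreEntry::Type> entryTypes(int id) const = 0;

    /**
       Returns the entries of the store.

       \param id the store id
    */
    virtual QList<KeyStoreEntryContext *> entryList(int id) = 0;

    /**
       Returns a single entry in the store, if the entry id is known.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
       \param entryId the entry id
    */
    virtual KeyStoreEntryContext *entry(int id, const QString &entryId);

    /**
       Returns a single entry, created from a serialised string previously
       produced by KeyStoreEntryContext::serialize(). The store need not
       be active or even present.

       Not pure virtual: a default implementation is provided out of line.

       \param serialized the serialised entry
    */
    virtual KeyStoreEntryContext *entryPassive(const QString &serialized);

    /**
       Write a KeyBundle to the store.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
       \param kb the bundle to write
       \return the entry id of the written item, or an empty string on
       failure
    */
    virtual QString writeEntry(int id, const KeyBundle &kb);

    /**
       Write a Certificate to the store.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
       \param cert the certificate to write
       \return the entry id of the written item, or an empty string on
       failure
    */
    virtual QString writeEntry(int id, const Certificate &cert);

    /**
       Write a CRL to the store.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
       \param crl the CRL to write
       \return the entry id of the written item, or an empty string on
       failure
    */
    virtual QString writeEntry(int id, const CRL &crl);

    /**
       Write a PGPKey to the store.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
       \param key the key to write
       \return the entry id of the written item, or an empty string on
       failure
    */
    virtual QString writeEntry(int id, const PGPKey &key);

    /**
       Remove an entry from the store.

       Not pure virtual: a default implementation is provided out of line.

       \param id the store id
       \param entryId the entry to remove
       \return true on success, otherwise false
    */
    virtual bool removeEntry(int id, const QString &entryId);

Q_SIGNALS:
    /**
       Emitted when the provider is busy (e.g. about to prompt the user).
    */
    void busyStart();

    /**
       Emitted when the provider is no longer busy.
    */
    void busyEnd();

    /**
       Emitted when the list of keystores changes.
    */
    void updated();

    /**
       Emitted when there is diagnostic text to report.

       \param str the text
    */
    void diagnosticText(const QString &str);

    /**
       Emitted when the contents of a store change.

       \param id the store id
    */
    void storeUpdated(int id);
};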
2203 
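class QCA_EXPORT TLSSessionContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    TLSSessionContext(Provider *p)
        : BasicContext(p, QStringLiteral("tlssession"))
    {
    }
};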
2228 
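class QCA_EXPORT TLSContext : public Provider::Context
{
    Q_OBJECT
public:
    /**
       Information about an established session, as returned by
       sessionInfo().
    */
    class SessionInfo
    {
    public:
        /**
           True if the session uses compression.
        */
        bool isCompressed;

        /**
           The protocol version negotiated for the session.
        */
        TLS::Version version;

        /**
           The cipher suite negotiated for the session.
        */
        QString cipherSuite;

        /**
           The number of effective bits of the cipher in use.
        */
        int cipherBits;

        /**
           The maximum number of bits the cipher supports.
        */
        int cipherMaxBits;

        /**
           The session id, for session resumption.
        */
        TLSSessionContext *id;
    };

    /**
       Result of a TLS operation, as returned by result().
    */
    enum Result
    {
        Success, ///< Operation completed
        Error,   ///< Operation failed
        Continue ///< More data or steps needed
    };

    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the context type name
    */
    TLSContext(Provider *p, const QString &type)
        : Provider::Context(p, type)
    {
    }

    /**
       Reset the object to its initial state.
    */
    virtual void reset() = 0;

    /**
       Returns a list of cipher suites supported by this object for the
       given protocol version.

       \param version the protocol version
    */
    virtual QStringList supportedCipherSuites(const TLS::Version &version) const = 0;

    /**
       Returns true if the provider supports compression.
    */
    virtual bool canCompress() const = 0;

    /**
       Returns true if the provider supports server name indication.
    */
    virtual bool canSetHostName() const = 0;

    /**
       Returns the maximum security strength factor (SSF) this object can
       provide.
    */
    virtual int maxSSF() const = 0;

    /**
       Configure a new session.

       \param serverMode true to act as a server, false for a client
       \param hostName the server name to request (client) or expect
       (server)
       \param compress whether to enable compression
    */
    virtual void setup(bool serverMode, const QString &hostName, bool compress) = 0;

    /**
       Set the constraints for the session, in terms of SSF.

       \param minSSF the minimum acceptable SSF
       \param maxSSF the maximum acceptable SSF
    */
    virtual void setConstraints(int minSSF, int maxSSF) = 0;

    /**
       Set the constraints for the session, in terms of an explicit list
       of cipher suites.

       \param cipherSuiteList the cipher suites to allow
    */
    virtual void setConstraints(const QStringList &cipherSuiteList) = 0;

    /**
       Set the list of trusted certificates used to validate the peer.

       \param trusted the trusted collection
    */
    virtual void setTrustedCertificates(const CertificateCollection &trusted) = 0;

    /**
       Set the list of acceptable issuers, sent to a client when a
       certificate is requested.

       \param issuerList the issuers
    */
    virtual void setIssuerList(const QList<CertificateInfoOrdered> &issuerList) = 0;

    /**
       Set the local certificate chain and private key.

       \param cert the certificate chain
       \param key the private key
    */
    virtual void setCertificate(const CertificateChain &cert, const PrivateKey &key) = 0;

    /**
       Set the session id to resume.

       \param id the session to resume
    */
    virtual void setSessionId(const TLSSessionContext &id) = 0;

    /**
       Sets the session to the shut-down state.
    */
    virtual void shutdown() = 0;

    /**
       Set the maximum transmission unit (DTLS).

       Not pure virtual: a default implementation is provided out of line.

       \param size the MTU in bytes
    */
    virtual void setMTU(int size);

    /**
       Begin the handshake. Completion is reported asynchronously through
       result().
    */
    virtual void start() = 0;

    /**
       Process data from the network and from the application.

       \param from_net data received from the peer
       \param from_app plaintext to send to the peer
    */
    virtual void update(const QByteArray &from_net, const QByteArray &from_app) = 0;

    /**
       Wait for results of the last start() or update() call.

       \param msecs the maximum time to wait, or -1 to wait indefinitely
       \return true if results are ready, otherwise false
    */
    virtual bool waitForResultsReady(int msecs) = 0;

    /**
       Returns the result of the last operation.
    */
    virtual Result result() const = 0;

    /**
       Returns data to be sent to the peer.
    */
    virtual QByteArray to_net() = 0;

    /**
       Returns the number of application bytes encoded in the last
       to_net() output.
    */
    virtual int encoded() const = 0;

    /**
       Returns decoded plaintext for the application.
    */
    virtual QByteArray to_app() = 0;

    /**
       Returns true if the peer has closed the session.
    */
    virtual bool eof() const = 0;

    /**
       Returns true if the client hello has been received (server mode).
    */
    virtual bool clientHelloReceived() const = 0;

    /**
       Returns true if the server hello has been received (client mode).
    */
    virtual bool serverHelloReceived() const = 0;

    /**
       Returns the host name requested by the client (server mode).
    */
    virtual QString hostName() const = 0;

    /**
       Returns true if the server requested a client certificate (client
       mode).
    */
    virtual bool certificateRequested() const = 0;

    /**
       Returns the issuer list sent by the server (client mode).
    */
    virtual QList<CertificateInfoOrdered> issuerList() const = 0;

    /**
       Returns the validity of the peer certificate. Callers should treat
       anything other than a valid result as a failed handshake.
    */
    virtual Validity peerCertificateValidity() const = 0;

    /**
       Returns the peer's certificate chain.
    */
    virtual CertificateChain peerCertificateChain() const = 0;

    /**
       Returns information about the established session.
    */
    virtual SessionInfo sessionInfo() const = 0;

    /**
       Returns any network data left unprocessed after the session ended.
    */
    virtual QByteArray unprocessed() = 0;

Q_SIGNALS:
    /**
       Emitted when results of the last operation are ready.
    */
    void resultsReady();

    /**
       Emitted when a DTLS retransmission timer expires.
    */
    void dtlsTimeout();
};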
2590 
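class QCA_EXPORT SASLContext : public Provider::Context
{
    Q_OBJECT
public:
    /**
       An address and port pair, used to describe a connection endpoint.
    */
    class HostPort
    {
    public:
        /**
           The IP address.
        */
        QString addr;

        /**
           The port.
        */
        quint16 port;
    };

    /**
       Result of a SASL operation, as returned by result().
    */
    enum Result
    {
        Success,   ///< Operation completed
        Error,     ///< Operation failed
        Params,    ///< Parameters are needed to complete authentication
        AuthCheck, ///< Client login can be inspected (server only)
        Continue   ///< More steps needed to complete authentication
    };

    /**
       Standard constructor.

       \param p the Provider this context belongs to
    */
    SASLContext(Provider *p)
        : Provider::Context(p, QStringLiteral("sasl"))
    {
    }

    /**
       Reset the object to its initial state.
    */
    virtual void reset() = 0;

    /**
       Configure a new session.

       \param service the name of the service
       \param host the fully qualified host name
       \param local the local endpoint, or 0 if unknown
       \param remote the remote endpoint, or 0 if unknown
       \param ext_id the external authentication id, if any
       \param ext_ssf the SSF already provided by an external layer
       (e.g. TLS)
    */
    virtual void setup(const QString &service,
                       const QString &host,
                       const HostPort *local,
                       const HostPort *remote,
                       const QString &ext_id,
                       int ext_ssf) = 0;

    /**
       Set the constraints for the session.

       \param f authentication flags
       \param minSSF the minimum acceptable SSF
       \param maxSSF the maximum acceptable SSF
    */
    virtual void setConstraints(SASL::AuthFlags f, int minSSF, int maxSSF) = 0;

    /**
       Begin client-side authentication.

       \param mechlist the mechanisms offered by the server
       \param allowClientSendFirst whether the client may send initial
       data with its chosen mechanism
    */
    virtual void startClient(const QStringList &mechlist, bool allowClientSendFirst) = 0;

    /**
       Begin server-side authentication.

       \param realm the realm to authenticate in
       \param disableServerSendLast whether the server must not send
       final data with its success response
    */
    virtual void startServer(const QString &realm, bool disableServerSendLast) = 0;

    /**
       Process the client's chosen mechanism and optional initial data
       (server only).

       \param mech the chosen mechanism
       \param clientInit initial client data, or 0 if none
    */
    virtual void serverFirstStep(const QString &mech, const QByteArray *clientInit) = 0;

    /**
       Process the next authentication step.

       \param from_net data received from the peer
    */
    virtual void nextStep(const QByteArray &from_net) = 0;

    /**
       Re-attempt the last step, after parameters have been supplied or
       an AuthCheck has been answered.
    */
    virtual void tryAgain() = 0;

    /**
       Process data from the network and from the application, once
       authentication is complete and a security layer is in place.

       \param from_net data received from the peer
       \param from_app plaintext to send to the peer
    */
    virtual void update(const QByteArray &from_net, const QByteArray &from_app) = 0;

    /**
       Wait for results of the last operation.

       \param msecs the maximum time to wait, or -1 to wait indefinitely
       \return true if results are ready, otherwise false
    */
    virtual bool waitForResultsReady(int msecs) = 0;

    /**
       Returns the result of the last operation.
    */
    virtual Result result() const = 0;

    /**
       Returns the mechanism list available (server only).
    */
    virtual QStringList mechlist() const = 0;

    /**
       Returns the mechanism selected for the session.
    */
    virtual QString mech() const = 0;

    /**
       Returns true if there is initial client data to send (client only).
    */
    virtual bool haveClientInit() const = 0;

    /**
       Returns the data to send for the current step.
    */
    virtual QByteArray stepData() const = 0;

    /**
       Returns data to be sent to the peer.
    */
    virtual QByteArray to_net() = 0;

    /**
       Returns the number of application bytes encoded in the last
       to_net() output.
    */
    virtual int encoded() const = 0;

    /**
       Returns decoded plaintext for the application.
    */
    virtual QByteArray to_app() = 0;

    /**
       Returns the SSF of the established security layer.
    */
    virtual int ssf() const = 0;

    /**
       Returns the reason for authentication failure.
    */
    virtual SASL::AuthCondition authCondition() const = 0;

    /**
       Returns the parameters needed to continue (client only).
    */
    virtual SASL::Params clientParams() const = 0;

    /**
       Supply client parameters. Each pointer may be 0 to leave the
       corresponding value unset.

       \param user the user name
       \param authzid the authorization id
       \param pass the password, kept in secure memory
       \param realm the realm
    */
    virtual void
    setClientParams(const QString *user, const QString *authzid, const SecureArray *pass, const QString *realm) = 0;

    /**
       Returns the list of realms offered (client only).
    */
    virtual QStringList realmlist() const = 0;

    /**
       Returns the user name of the authenticating client (server only).
    */
    virtual QString username() const = 0;

    /**
       Returns the authorization id of the authenticating client (server
       only).
    */
    virtual QString authzid() const = 0;

Q_SIGNALS:
    /**
       Emitted when results of the last operation are ready.
    */
    void resultsReady();
};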
2900 
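class QCA_EXPORT MessageContext : public Provider::Context
{
    Q_OBJECT
public:
    /**
       The type of operation to perform on a message.
    */
    enum Operation
    {
        Encrypt,       ///< Encrypt the message
        Decrypt,       ///< Decrypt the message
        Sign,          ///< Sign the message
        Verify,        ///< Verify the message
        SignAndEncrypt ///< Sign and then encrypt the message
    };

    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the context type name
    */
    MessageContext(Provider *p, const QString &type)
        : Provider::Context(p, type)
    {
    }

    /**
       Returns true if the provider can sign with more than one key at
       once.
    */
    virtual bool canSignMultiple() const = 0;

    /**
       Returns the type of secure message this context handles.
    */
    virtual SecureMessage::Type type() const = 0;

    /**
       Reset the object to its initial state.
    */
    virtual void reset() = 0;

    /**
       Configure for encrypting.

       \param keys the recipient keys
    */
    virtual void setupEncrypt(const SecureMessageKeyList &keys) = 0;

    /**
       Configure for signing.

       \param keys the signing keys
       \param m the signing mode
       \param bundleSigner whether to include the signer's certificate
       \param smime whether to produce S/MIME output
    */
    virtual void
    setupSign(const SecureMessageKeyList &keys, SecureMessage::SignMode m, bool bundleSigner, bool smime) = 0;

    /**
       Configure for verifying.

       \param detachedSig the detached signature, if any
    */
    virtual void setupVerify(const QByteArray &detachedSig) = 0;

    /**
       Begin the operation.

       \param f the message format
       \param op the operation to perform
    */
    virtual void start(SecureMessage::Format f, Operation op) = 0;

    /**
       Provide input to the operation.

       \param in the data to process
    */
    virtual void update(const QByteArray &in) = 0;

    /**
       Returns output produced so far.
    */
    virtual QByteArray read() = 0;

    /**
       Returns the number of input bytes consumed so far.
    */
    virtual int written() = 0;

    /**
       Signal that no more input will be provided.
    */
    virtual void end() = 0;

    /**
       Returns true if the operation has finished.
    */
    virtual bool finished() const = 0;

    /**
       Wait for the operation to finish.

       \param msecs the maximum time to wait, or -1 to wait indefinitely
       \return true if the operation finished, otherwise false
    */
    virtual bool waitForFinished(int msecs) = 0;

    /**
       Returns true if the operation succeeded.
    */
    virtual bool success() const = 0;

    /**
       Returns the error code of a failed operation.
    */
    virtual SecureMessage::Error errorCode() const = 0;

    /**
       Returns the detached signature produced by a signing operation.
    */
    virtual QByteArray signature() const = 0;

    /**
       Returns the name of the hash used for signing.
    */
    virtual QString hashName() const = 0;

    /**
       Returns the signers of a verified message. Callers must check the
       validity of each entry before trusting the message.
    */
    virtual SecureMessageSignatureList signers() const = 0;

    /**
       Returns diagnostic text about the last operation.

       Not pure virtual: a default implementation is provided out of line.
    */
    virtual QString diagnosticText() const;

Q_SIGNALS:
    /**
       Emitted when there is new output or the operation finished.
    */
    void updated();
};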
3089 
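class QCA_EXPORT SMSContext : public BasicContext
{
    Q_OBJECT
public:
    /**
       Standard constructor.

       \param p the Provider this context belongs to
       \param type the context type name
    */
    SMSContext(Provider *p, const QString &type)
        : BasicContext(p, type)
    {
    }

    /**
       Set the trusted certificates used to validate message signers.

       Not pure virtual: a default implementation is provided out of line.

       \param trusted the trusted collection
    */
    virtual void setTrustedCertificates(const CertificateCollection &trusted);

    /**
       Set additional, untrusted certificates that may be used to build a
       signer's chain.

       Not pure virtual: a default implementation is provided out of line.

       \param untrusted the untrusted collection
    */
    virtual void setUntrustedCertificates(const CertificateCollection &untrusted);

    /**
       Set the private keys available for decrypting and signing.

       Not pure virtual: a default implementation is provided out of line.

       \param keys the keys
    */
    virtual void setPrivateKeys(const QList<SecureMessageKey> &keys);

    /**
       Create a new message context using this system.
    */
    virtual MessageContext *createMessage() = 0;
};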
3154 
3155 }
3156 #endif
3157 
3158 #endif
Provider plugin base class.
Definition: qcaprovider.h:83
virtual QCA::Provider * createProvider()=0
Returns a newly allocated Provider instance.
virtual ~QCAPlugin()
Destructs the object.
Definition: qcaprovider.h:88
Container for authentication tag.
Definition: qca_core.h:1347
Base class to use for primitive provider contexts.
Definition: qca_core.h:1010
Arbitrary precision integer.
Definition: qca_tools.h:571
X.509 certificate authority provider.
Definition: qcaprovider.h:1603
virtual CRLContext * createCRL(const QDateTime &nextUpdate) const =0
Create a new CRL and return it.
virtual CertContext * signRequest(const CSRContext &req, const QDateTime &notValidAfter) const =0
Issue a certificate based on a certificate request, and return the certificate.
CAContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1611
virtual CRLContext * updateCRL(const CRLContext &crl, const QList< CRLEntry > &entries, const QDateTime &nextUpdate) const =0
Update an existing CRL, by examining an old one and creating a new one based on it.
virtual CertContext * certificate() const =0
Returns a copy of the CA's certificate.
virtual void setup(const CertContext &cert, const PKeyContext &priv)=0
Prepare the object for usage.
virtual CertContext * createCertificate(const PKeyContext &pub, const CertificateOptions &opts) const =0
Issue a certificate based on a public key and options, and return the certificate.
X.509 certificate revocation list properties.
Definition: qcaprovider.h:1269
int number
The CRL number, which increases at each update.
Definition: qcaprovider.h:1279
QList< CRLEntry > revoked
The revoked entries.
Definition: qcaprovider.h:1294
SignatureAlgorithm sigalgo
The signature algorithm used by the issuer to sign the CRL.
Definition: qcaprovider.h:1304
QByteArray issuerId
The issuer id.
Definition: qcaprovider.h:1309
QByteArray sig
The signature data of the CRL.
Definition: qcaprovider.h:1299
QDateTime nextUpdate
The time this CRL expires, and the next CRL should be fetched.
Definition: qcaprovider.h:1289
CertificateInfoOrdered issuer
The issuer information of the CRL.
Definition: qcaprovider.h:1274
QDateTime thisUpdate
The time this CRL was created.
Definition: qcaprovider.h:1284
X.509 certificate revocation list provider.
Definition: qcaprovider.h:1513
virtual const CRLContextProps * props() const =0
Returns a pointer to the properties of this CRL.
CRLContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1521
virtual bool compare(const CRLContext *other) const =0
Returns true if this CRL is equal to another CRL, otherwise false.
Certificate Revocation List
Definition: qca_cert.h:1740
X.509 certificate request provider.
Definition: qcaprovider.h:1429
virtual const CertContextProps * props() const =0
Returns a pointer to the properties of this certificate request.
virtual bool compare(const CSRContext *other) const =0
Returns true if this certificate request is equal to another certificate request, otherwise false.
virtual QString toSPKAC() const =0
Convert this certificate request to Netscape SPKAC format, and return the value.
virtual bool canUseFormat(CertificateRequestFormat f) const =0
Returns true if the provider of this object supports the specified format, otherwise false.
CSRContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1437
virtual bool createRequest(const CertificateOptions &opts, const PKeyContext &priv)=0
Create a certificate request based on the given options and private key.
virtual ConvertResult fromSPKAC(const QString &s)=0
Read Netscape SPKAC input and convert it into a certificate request.
virtual PKeyContext * subjectPublicKey() const =0
Returns a copy of this certificate request's public key.
X.509 certificate and certificate request provider base.
Definition: qcaprovider.h:1062
virtual QByteArray toDER() const =0
Convert this object to DER format, and return the value.
CertBase(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:1071
virtual ConvertResult fromDER(const QByteArray &a)=0
Read DER-formatted input and convert it into this object.
virtual ConvertResult fromPEM(const QString &s)=0
Read PEM-formatted input and convert it into this object.
virtual QString toPEM() const =0
Convert this object to PEM format, and return the value.
X.509 certificate collection provider.
Definition: qcaprovider.h:1551
virtual QByteArray toPKCS7(const QList< CertContext * > &certs, const QList< CRLContext * > &crls) const =0
Create PKCS#7 DER output based on the input certificates and CRLs.
virtual ConvertResult fromPKCS7(const QByteArray &a, QList< CertContext * > *certs, QList< CRLContext * > *crls) const =0
Read PKCS#7 DER input and convert it into a list of certificates and CRLs.
CertCollectionContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1559
X.509 certificate or certificate request properties.
Definition: qcaprovider.h:1126
CertificateInfoOrdered subject
The subject information.
Definition: qcaprovider.h:1152
QStringList ocspLocations
A list of URIs for OCSP services.
Definition: qcaprovider.h:1190
int version
The X.509 certificate version, usually 3.
Definition: qcaprovider.h:1133
QStringList crlLocations
A list of URIs for CRLs.
Definition: qcaprovider.h:1176
QStringList issuerLocations
A list of URIs for issuer certificates.
Definition: qcaprovider.h:1183
QStringList policies
The policies.
Definition: qcaprovider.h:1169
int pathLimit
The path limit.
Definition: qcaprovider.h:1215
bool isSelfSigned
True if the certificate is self-signed.
Definition: qcaprovider.h:1210
QByteArray issuerId
The issuer id.
Definition: qcaprovider.h:1239
QDateTime start
The time the certificate becomes valid (often the time of creation)
Definition: qcaprovider.h:1140
BigInteger serial
The certificate serial number.
Definition: qcaprovider.h:1197
QString challenge
The SPKAC challenge value.
Definition: qcaprovider.h:1246
QDateTime end
The time the certificate expires.
Definition: qcaprovider.h:1147
CertificateRequestFormat format
The format used for the certificate request.
Definition: qcaprovider.h:1253
CertificateInfoOrdered issuer
The issuer information.
Definition: qcaprovider.h:1159
SignatureAlgorithm sigalgo
The signature algorithm used to create the signature.
Definition: qcaprovider.h:1225
QByteArray sig
The signature data.
Definition: qcaprovider.h:1220
QByteArray subjectId
The subject id.
Definition: qcaprovider.h:1232
Constraints constraints
The constraints.
Definition: qcaprovider.h:1164
bool isCA
True if the certificate is a CA or the certificate request is requesting to be a CA,...
Definition: qcaprovider.h:1203
X.509 certificate provider.
Definition: qcaprovider.h:1325
virtual PKeyContext * subjectPublicKey() const =0
Returns a copy of this certificate's public key.
virtual bool compare(const CertContext *other) const =0
Returns true if this certificate is equal to another certificate, otherwise false.
virtual const CertContextProps * props() const =0
Returns a pointer to the properties of this certificate.
virtual bool isIssuerOf(const CertContext *other) const =0
Returns true if this certificate is an issuer of another certificate, otherwise false.
virtual Validity validate(const QList< CertContext * > &trusted, const QList< CertContext * > &untrusted, const QList< CRLContext * > &crls, UsageMode u, ValidateFlags vf) const =0
Validate this certificate.
virtual Validity validate_chain(const QList< CertContext * > &chain, const QList< CertContext * > &trusted, const QList< CRLContext * > &crls, UsageMode u, ValidateFlags vf) const =0
Validate a certificate chain.
virtual bool createSelfSigned(const CertificateOptions &opts, const PKeyContext &priv)=0
Create a self-signed certificate based on the given options and private key.
CertContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1333
A chain of related Certificates.
Definition: qca_cert.h:1226
Bundle of Certificates and CRLs.
Definition: qca_cert.h:1929
Ordered certificate properties type.
Definition: qca_cert.h:548
Certificate options
Definition: qca_cert.h:610
Public Key (X.509) certificate.
Definition: qca_cert.h:857
Cipher provider.
Definition: qcaprovider.h:228
CipherContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:240
virtual void setup(Direction dir, const SymmetricKey &key, const InitializationVector &iv, const AuthTag &tag)=0
Set up the object for encrypt/decrypt.
virtual AuthTag tag() const =0
Returns the authentication tag for this cipher.
virtual KeyLength keyLength() const =0
Returns the KeyLength for this cipher.
virtual int blockSize() const =0
Returns the block size for this cipher.
virtual bool update(const SecureArray &in, SecureArray *out)=0
Process a chunk of data.
Diffie-Hellman provider.
Definition: qcaprovider.h:830
virtual BigInteger x() const =0
Returns the private X component of this Diffie-Hellman key.
virtual void createPrivate(const DLGroup &domain, bool block)=0
Generate a Diffie-Hellman private key.
virtual BigInteger y() const =0
Returns the public Y component of this Diffie-Hellman key.
virtual DLGroup domain() const =0
Returns the public domain component of this Diffie-Hellman key.
virtual void createPublic(const DLGroup &domain, const BigInteger &y)=0
Create a Diffie-Hellman public key based on its numeric components.
DHContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:838
virtual void createPrivate(const DLGroup &domain, const BigInteger &y, const BigInteger &x)=0
Create a Diffie-Hellman private key based on its numeric components.
Discrete logarithm provider.
Definition: qcaprovider.h:455
virtual void getResult(BigInteger *p, BigInteger *q, BigInteger *g) const =0
Obtain the result of the operation.
virtual bool isNull() const =0
Returns true if there is a result to obtain.
virtual QList< DLGroupSet > supportedGroupSets() const =0
The DLGroupSets supported by this object.
void finished()
Emitted when the fetchGroup() operation completes in non-blocking mode.
DLGroupContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:463
virtual void fetchGroup(DLGroupSet set, bool block)=0
Attempt to create P, Q, and G values from the specified group set.
A discrete logarithm group.
Definition: qca_publickey.h:172
DSA provider.
Definition: qcaprovider.h:757
virtual BigInteger y() const =0
Returns the public Y component of this DSA key.
virtual void createPrivate(const DLGroup &domain, const BigInteger &y, const BigInteger &x)=0
Create a DSA private key based on its numeric components.
virtual void createPrivate(const DLGroup &domain, bool block)=0
Generate a DSA private key.
virtual DLGroup domain() const =0
Returns the public domain component of this DSA key.
virtual void createPublic(const DLGroup &domain, const BigInteger &y)=0
Create a DSA public key based on its numeric components.
virtual BigInteger x() const =0
Returns the private X component of this DSA key.
DSAContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:765
HKDF provider.
Definition: qcaprovider.h:416
virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, const InitializationVector &info, unsigned int keyLength)=0
Create a key and return it.
HKDFContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:425
Hash provider.
Definition: qcaprovider.h:185
HashContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:194
virtual void clear()=0
Reset the object to its initial state.
virtual void update(const MemoryRegion &a)=0
Process a chunk of data.
Extended provider information.
Definition: qcaprovider.h:113
virtual QStringList supportedHashTypes() const
The hash algorithms supported by the provider.
virtual QStringList supportedMACTypes() const
The mac algorithms supported by the provider.
InfoContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:121
virtual QStringList supportedCipherTypes() const
The cipher algorithms supported by the provider.
Container for initialisation vectors and nonces.
Definition: qca_core.h:1310
Key derivation function provider.
Definition: qcaprovider.h:362
virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, unsigned int keyLength, int msecInterval, unsigned int *iterationCount)=0
Create a key and return it.
KDFContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:371
virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, unsigned int keyLength, unsigned int iterationCount)=0
Create a key and return it.
Certificate chain and private key pair.
Definition: qca_cert.h:2176
Simple container for acceptable key lengths.
Definition: qca_core.h:701
KeyStoreEntry provider.
Definition: qcaprovider.h:1866
virtual QString storeId() const =0
Returns the id of the store that contains this entry.
virtual bool isAvailable() const
Returns true if the private key of this entry is present for use.
virtual QString serialize() const =0
Serialize the information about this entry.
KeyStoreEntryContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1874
virtual bool ensureAccess()
Attempt to ensure the private key of this entry is usable and accessible, potentially prompting the u...
virtual KeyBundle keyBundle() const
If this entry is of type KeyStoreEntry::TypeKeyBundle, this function returns the KeyBundle of the ent...
virtual QString storeName() const =0
Returns the name of the store that contains this entry.
virtual PGPKey pgpPublicKey() const
If this entry is of type KeyStoreEntry::TypePGPPublicKey or KeyStoreEntry::TypePGPSecretKey,...
virtual PGPKey pgpSecretKey() const
If this entry is of type KeyStoreEntry::TypePGPSecretKey, this function returns the secret PGPKey of ...
virtual QString id() const =0
Returns the entry id.
virtual CRL crl() const
If this entry is of type KeyStoreEntry::TypeCRL, this function returns the CRL of the entry.
virtual Certificate certificate() const
If this entry is of type KeyStoreEntry::TypeCertificate, this function returns the Certificate of the...
virtual QString name() const =0
Returns the name of this entry.
virtual KeyStoreEntry::Type type() const =0
Returns the entry type.
Type
The type of entry in the KeyStore.
Definition: qca_keystore.h:147
KeyStore provider.
Definition: qcaprovider.h:1974
virtual KeyStoreEntryContext * entryPassive(const QString &serialized)
Returns a single entry, created from the serialization string of a previous entry (using KeyStoreEntr...
void busyEnd()
Emit this to leave the busy state.
virtual QString writeEntry(int id, const Certificate &cert)
Write a Certificate to the store.
virtual QString writeEntry(int id, const KeyBundle &kb)
Write a KeyBundle to the store.
void updated()
Indicates the list of keystores has changed, and that QCA should call keyStores() to obtain the lates...
virtual KeyStore::Type type(int id) const =0
Returns the type of the specified store, or -1 if the integer context id is invalid.
virtual QList< int > keyStores()=0
Returns a list of integer context ids, each representing a keystore instance.
virtual bool removeEntry(int id, const QString &entryId)
Remove an entry from the store.
virtual QList< KeyStoreEntry::Type > entryTypes(int id) const =0
Returns the types supported by the store, or an empty list if the integer context id is invalid.
virtual KeyStoreEntryContext * entry(int id, const QString &entryId)
Returns a single entry in the store, if the entry id is already known.
void storeUpdated(int id)
Indicates that the entry list of a keystore has changed (entries added, removed, or modified)
void diagnosticText(const QString &str)
Emitted when there is diagnostic text to report.
void busyStart()
Emit this when the provider is busy looking for keystores.
KeyStoreListContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1982
virtual void setUpdatesEnabled(bool enabled)
Enables or disables update events.
virtual bool isReadOnly(int id) const
Returns true if the store is read-only.
virtual void start()
Starts the keystore provider.
virtual QList< KeyStoreEntryContext * > entryList(int id)=0
Returns the entries of the store, or an empty list if the integer context id is invalid.
virtual QString storeId(int id) const =0
Returns the string id of the store, or an empty string if the integer context id is invalid.
virtual QString writeEntry(int id, const CRL &crl)
Write a CRL to the store.
virtual QString writeEntry(int id, const PGPKey &key)
Write a PGPKey to the store.
virtual QString name(int id) const =0
Returns the friendly name of the store, or an empty string if the integer context id is invalid.
Type
The type of keystore.
Definition: qca_keystore.h:424
Message authentication code provider.
Definition: qcaprovider.h:298
KeyLength anyKeyLength() const
Returns a KeyLength that supports any length.
Definition: qcaprovider.h:341
virtual void setup(const SymmetricKey &key)=0
Set up the object for hashing.
virtual KeyLength keyLength() const =0
Returns the KeyLength for this MAC algorithm.
MACContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:306
virtual void update(const MemoryRegion &in)=0
Process a chunk of data.
Array of bytes that may be optionally secured.
Definition: qca_tools.h:91
SecureMessage provider.
Definition: qcaprovider.h:2913
virtual QByteArray read()=0
Extract output from the message operation.
virtual void start(SecureMessage::Format f, Operation op)=0
Begins the secure message operation.
virtual QString diagnosticText() const
Returns any diagnostic text for the operation, potentially useful to show the user in the event the o...
Operation
The type of operation being performed.
Definition: qcaprovider.h:2920
@ Verify
Verify operation.
Definition: qcaprovider.h:2924
@ Sign
Sign operation.
Definition: qcaprovider.h:2923
@ Decrypt
Decrypt (or Decrypt and Verify) operation.
Definition: qcaprovider.h:2922
@ Encrypt
Encrypt operation.
Definition: qcaprovider.h:2921
virtual void setupEncrypt(const SecureMessageKeyList &keys)=0
Configure a new encrypting operation.
virtual int written()=0
Returns the number of input bytes accepted since the last call to update()
virtual void setupVerify(const QByteArray &detachedSig)=0
Configure a new verify operation.
virtual QString hashName() const =0
Returns the name of the hash used to generate the signature, in the case of a signature operation.
virtual bool success() const =0
Returns true if the operation was successful.
virtual void setupSign(const SecureMessageKeyList &keys, SecureMessage::SignMode m, bool bundleSigner, bool smime)=0
Configure a new signing operation.
MessageContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:2934
virtual bool finished() const =0
Returns true if the operation has finished, otherwise false.
virtual void update(const QByteArray &in)=0
Provide input to the message operation.
void updated()
Emitted when there is data to read, if input data has been accepted, or if the operation has finished...
virtual SecureMessage::Error errorCode() const =0
Returns the reason for failure, if the operation was not successful.
virtual QByteArray signature() const =0
Returns the signature, in the case of a detached signature operation.
virtual void end()=0
Indicates the end of input.
virtual void reset()=0
Reset the object to its initial state.
virtual SecureMessageSignatureList signers() const =0
Returns a list of signatures, in the case of a verify or decrypt and verify operation.
virtual bool waitForFinished(int msecs)=0
Waits for the secure message operation to complete.
virtual bool canSignMultiple() const =0
Returns true if the provider supports multiple signers for signature creation or signature verificati...
virtual SecureMessage::Type type() const =0
The type of secure message (e.g.
OpenPGP key properties.
Definition: qcaprovider.h:1746
bool isTrusted
True if this key is trusted (e.g.
Definition: qcaprovider.h:1791
bool inKeyring
True if this key is in a keyring (and thus usable), otherwise false.
Definition: qcaprovider.h:1785
QStringList userIds
List of user id strings for the key, the first one being the primary user id.
Definition: qcaprovider.h:1757
QDateTime creationDate
The time the key was created.
Definition: qcaprovider.h:1767
QString fingerprint
The hex fingerprint of the key.
Definition: qcaprovider.h:1779
QDateTime expirationDate
The time the key expires.
Definition: qcaprovider.h:1772
QString keyId
The key id.
Definition: qcaprovider.h:1751
bool isSecret
True if this key is a secret key, otherwise false.
Definition: qcaprovider.h:1762
OpenPGP key provider.
Definition: qcaprovider.h:1805
virtual QString toAscii() const =0
Convert the key to ascii-armored format, and return the value.
PGPKeyContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1813
virtual QByteArray toBinary() const =0
Convert the key to binary format, and return the value.
virtual ConvertResult fromBinary(const QByteArray &a)=0
Read binary input and convert it into a key.
virtual ConvertResult fromAscii(const QString &s)=0
Read ascii-armored input and convert it into a key.
virtual const PGPKeyContextProps * props() const =0
Returns a pointer to the properties of this key.
Pretty Good Privacy key.
Definition: qca_cert.h:2407
PKCS#12 provider.
Definition: qcaprovider.h:1684
PKCS12Context(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1692
virtual QByteArray toPKCS12(const QString &name, const QList< const CertContext * > &chain, const PKeyContext &priv, const SecureArray &passphrase) const =0
Create PKCS#12 DER output based on a set of input items.
virtual ConvertResult fromPKCS12(const QByteArray &in, const SecureArray &passphrase, QString *name, QList< CertContext * > *chain, PKeyContext **priv) const =0
Read PKCS#12 DER input and convert it into a set of output items.
Public key implementation provider base.
Definition: qcaprovider.h:523
virtual bool isNull() const =0
Returns true if this object is not valid.
virtual PKey::Type type() const =0
Returns the type of public key.
virtual void convertToPublic()=0
If the key is a private key, this function will convert it into a public key (all private key data in...
virtual bool isPrivate() const =0
Returns true if this is a private key, otherwise false.
virtual int bits() const =0
Returns the number of bits in the key.
virtual void update(const MemoryRegion &in)
Process the plaintext input data for either signing or verifying, whichever operation is active.
virtual bool decrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg)
Decrypt data.
PKeyBase(Provider *p, const QString &type)
Standard constructor.
virtual SymmetricKey deriveKey(const PKeyBase &theirs)
Compute a symmetric key based on this private key and some other public key.
void finished()
Emitted when an asynchronous operation completes on this key.
virtual int maximumEncryptSize(EncryptionAlgorithm alg) const
Returns the maximum number of bytes that can be encrypted by this key.
virtual bool endVerify(const QByteArray &sig)
Complete a verify operation, and return true if successful.
virtual QByteArray endSign()
Complete a signing operation, and return the signature value.
virtual void startVerify(SignatureAlgorithm alg, SignatureFormat format)
Begin a verify operation.
virtual SecureArray encrypt(const SecureArray &in, EncryptionAlgorithm alg)
Encrypt data.
virtual bool canExport() const =0
Returns true if the components of this key are accessible and whether it can be serialized into an ou...
virtual void startSign(SignatureAlgorithm alg, SignatureFormat format)
Begin a signing operation.
Public key container provider.
Definition: qcaprovider.h:909
virtual ConvertResult privateFromPEM(const QString &s, const SecureArray &passphrase)
Read PEM-formatted input and convert it into a private key.
virtual ConvertResult publicFromPEM(const QString &s)
Read PEM-formatted input and convert it into a public key.
virtual const PKeyBase * key() const =0
Returns the key held by this object, or 0 if there is no key.
PKeyContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:917
virtual bool importKey(const PKeyBase *key)=0
Attempt to import a key from another provider.
virtual PKeyBase * key()=0
Returns the key held by this object, or 0 if there is no key.
virtual QList< PBEAlgorithm > supportedPBEAlgorithms() const =0
Returns a list of password-based encryption algorithms that are supported for private key serializati...
virtual void setKey(PKeyBase *key)=0
Sets the key for this object.
virtual ConvertResult privateFromDER(const SecureArray &a, const SecureArray &passphrase)
Read DER-formatted input and convert it into a private key.
virtual QList< PKey::Type > supportedTypes() const =0
Returns a list of supported public key types.
virtual QByteArray publicToDER() const
Convert a public key to DER format, and return the value.
virtual ConvertResult publicFromDER(const QByteArray &a)
Read DER-formatted input and convert it into a public key.
virtual QString publicToPEM() const
Convert a public key to PEM format, and return the value.
virtual SecureArray privateToDER(const SecureArray &passphrase, PBEAlgorithm pbe) const
Convert a private key to DER format, and return the value.
virtual QList< PKey::Type > supportedIOTypes() const =0
Returns a list of public key types that can be serialized and deserialized into DER and PEM format.
virtual QString privateToPEM(const SecureArray &passphrase, PBEAlgorithm pbe) const
Convert a private key to PEM format, and return the value.
Type
Types of public key cryptography keys supported by QCA.
Definition: qca_publickey.h:257
Generic private key.
Definition: qca_publickey.h:833
Internal context class used for the plugin.
Algorithm provider.
Definition: qca_core.h:765
RSA provider.
Definition: qcaprovider.h:667
virtual BigInteger e() const =0
Returns the public E component of this RSA key.
virtual BigInteger n() const =0
Returns the public N component of this RSA key.
virtual BigInteger p() const =0
Returns the private P component of this RSA key.
RSAContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:675
virtual void createPublic(const BigInteger &n, const BigInteger &e)=0
Create an RSA public key based on the two public components.
virtual BigInteger d() const =0
Returns the private D component of this RSA key.
virtual BigInteger q() const =0
Returns the private Q component of this RSA key.
virtual void createPrivate(const BigInteger &n, const BigInteger &e, const BigInteger &p, const BigInteger &q, const BigInteger &d)=0
Create an RSA private key based on the five components.
virtual void createPrivate(int bits, int exp, bool block)=0
Generate an RSA private key.
Random provider.
Definition: qcaprovider.h:153
RandomContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:161
virtual SecureArray nextBytes(int size)=0
Return an array of random bytes.
Convenience class to hold an IP address and an associated port.
Definition: qcaprovider.h:2615
quint16 port
The port.
Definition: qcaprovider.h:2625
QString addr
The IP address.
Definition: qcaprovider.h:2620
SASL provider.
Definition: qcaprovider.h:2602
virtual void serverFirstStep(const QString &mech, const QByteArray *clientInit)=0
Finishes server startup.
virtual QByteArray to_net()=0
Returns data that should be sent across the network (for the security layer)
virtual SASL::AuthCondition authCondition() const =0
Returns the reason for failure, if the authentication was not successful.
virtual QString authzid() const =0
Returns the authzid attempting to authorize (server mode only)
virtual void setup(const QString &service, const QString &host, const HostPort *local, const HostPort *remote, const QString &ext_id, int ext_ssf)=0
Configure a new session.
virtual QString username() const =0
Returns the username attempting to authenticate (server mode only)
virtual int encoded() const =0
Returns the number of bytes of plaintext data that is encoded inside of to_net()
virtual void startServer(const QString &realm, bool disableServerSendLast)=0
Begins the session in server mode, starting with the authentication.
virtual void tryAgain()=0
Attempt the most recent operation again.
virtual SASL::Params clientParams() const =0
Returns the needed/optional client parameters.
virtual QByteArray stepData() const =0
Returns an authentication payload to be transmitted over the network.
SASLContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:2645
virtual QString mech() const =0
Returns the mechanism selected.
void resultsReady()
Emit this when a startClient(), startServer(), serverFirstStep(), nextStep(), tryAgain(),...
virtual bool waitForResultsReady(int msecs)=0
Waits for a startClient(), startServer(), serverFirstStep(), nextStep(), tryAgain(),...
virtual QStringList mechlist() const =0
Returns the mechanism list (server mode only)
virtual bool haveClientInit() const =0
Returns true if the client has initialization data.
virtual int ssf() const =0
Returns the SSF of the active SASL session.
virtual QByteArray to_app()=0
Returns data that is decoded from the network and should be processed by the application.
virtual void setClientParams(const QString *user, const QString *authzid, const SecureArray *pass, const QString *realm)=0
Set some of the client parameters (pass 0 to not set a field)
virtual void reset()=0
Reset the object to its initial state.
virtual QStringList realmlist() const =0
Returns the realm list (client mode only)
virtual void update(const QByteArray &from_net, const QByteArray &from_app)=0
Performs one iteration of the SASL security layer processing.
virtual Result result() const =0
Returns the result code of an operation.
virtual void startClient(const QStringList &mechlist, bool allowClientSendFirst)=0
Begins the session in client mode, starting with the authentication.
Result
Result of a SASL operation.
Definition: qcaprovider.h:2632
@ Params
Parameters are needed to complete authentication.
Definition: qcaprovider.h:2635
@ Success
Operation completed.
Definition: qcaprovider.h:2633
@ Error
Operation failed.
Definition: qcaprovider.h:2634
@ AuthCheck
Client login can be inspected (server only)
Definition: qcaprovider.h:2636
virtual void nextStep(const QByteArray &from_net)=0
Perform another step of the SASL authentication.
virtual void setConstraints(SASL::AuthFlags f, int minSSF, int maxSSF)=0
Set the constraints of the session using SSF values.
Parameter flags for the SASL authentication.
Definition: qca_securelayer.h:907
AuthCondition
Possible authentication error states.
Definition: qca_securelayer.h:849
AuthFlags
Authentication requirement flag values.
Definition: qca_securelayer.h:868
SecureMessageSystem provider.
Definition: qcaprovider.h:3102
virtual void setTrustedCertificates(const CertificateCollection &trusted)
Set the trusted certificates for this secure message system, to be used for validation.
SMSContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:3111
virtual MessageContext * createMessage()=0
Create a new message object for this system.
virtual void setUntrustedCertificates(const CertificateCollection &untrusted)
Set the untrusted certificates and CRLs for this secure message system, to be used for validation.
virtual void setPrivateKeys(const QList< SecureMessageKey > &keys)
Set the private keys for this secure message system, to be used for decryption.
Secure array of bytes.
Definition: qca_tools.h:317
Type
The type of secure message.
Definition: qca_securemessage.h:327
Error
Errors for secure messages.
Definition: qca_securemessage.h:355
SignMode
The type of message signature.
Definition: qca_securemessage.h:336
Format
Formats for secure messages.
Definition: qca_securemessage.h:346
Container for keys for symmetric encryption algorithms.
Definition: qca_core.h:1264
Information about an active TLS connection.
Definition: qcaprovider.h:2253
QString cipherSuite
The cipher suite being used for this connection.
Definition: qcaprovider.h:2270
int cipherBits
The bit size of the cipher used for this connection.
Definition: qcaprovider.h:2275
bool isCompressed
True if the TLS connection is compressed, otherwise false.
Definition: qcaprovider.h:2258
TLSSessionContext * id
Pointer to the id of this TLS session, for use with resuming.
Definition: qcaprovider.h:2287
TLS::Version version
The TLS protocol version being used for this connection.
Definition: qcaprovider.h:2263
int cipherMaxBits
The maximum bit size possible of the cipher used for this connection.
Definition: qcaprovider.h:2281
TLS provider.
Definition: qcaprovider.h:2240
virtual void setCertificate(const CertificateChain &cert, const PrivateKey &key)=0
Set the local certificate.
virtual Validity peerCertificateValidity() const =0
Returns the QCA::Validity of the peer certificate.
virtual SessionInfo sessionInfo() const =0
Returns information about the active TLS session.
virtual QByteArray to_net()=0
Returns data that should be sent across the network.
virtual int maxSSF() const =0
Returns the maximum SSF supported by this provider.
virtual QByteArray to_app()=0
Returns data that is decoded from the network and should be processed by the application.
virtual bool clientHelloReceived() const =0
Returns true if the TLS client hello has been received.
virtual Result result() const =0
Returns the result code of an operation.
virtual int encoded() const =0
Returns the number of bytes of plaintext data that is encoded inside of to_net()
virtual void setConstraints(const QStringList &cipherSuiteList)=0
This is an overloaded member function, provided for convenience. It differs from the above function o...
virtual void update(const QByteArray &from_net, const QByteArray &from_app)=0
Performs one iteration of the TLS session processing.
virtual bool serverHelloReceived() const =0
Returns true if the TLS server hello has been received.
Result
Result of a TLS operation.
Definition: qcaprovider.h:2294
@ Success
Operation completed.
Definition: qcaprovider.h:2295
@ Error
Operation failed.
Definition: qcaprovider.h:2296
virtual void setSessionId(const TLSSessionContext &id)=0
Set the TLS session id, for session resuming.
virtual bool canCompress() const =0
Returns true if the provider supports compression.
void resultsReady()
Emit this when a start() or update() operation has completed.
virtual void reset()=0
Reset the object to its initial state.
virtual void start()=0
Begins the session, starting with the handshake.
virtual QList< CertificateInfoOrdered > issuerList() const =0
Returns the issuer list sent by the server (client mode only)
virtual QString hostName() const =0
Returns the host name sent by the client using server name indication (server mode only)
virtual void setTrustedCertificates(const CertificateCollection &trusted)=0
Set the list of trusted certificates.
virtual void setIssuerList(const QList< CertificateInfoOrdered > &issuerList)=0
Set the list of acceptable issuers.
virtual void setConstraints(int minSSF, int maxSSF)=0
Set the constraints of the session using SSF values.
virtual void setMTU(int size)
Set the maximum transmission unit size.
virtual bool waitForResultsReady(int msecs)=0
Waits for a start() or update() operation to complete.
virtual QStringList supportedCipherSuites(const TLS::Version &version) const =0
Returns a list of supported cipher suites for the specified SSL/TLS version.
virtual bool certificateRequested() const =0
Returns true if the peer is requesting a certificate.
virtual CertificateChain peerCertificateChain() const =0
Returns the peer certificate chain.
virtual bool canSetHostName() const =0
Returns true if the provider supports server name indication.
virtual QByteArray unprocessed()=0
Returns any unprocessed network input data.
virtual void setup(bool serverMode, const QString &hostName, bool compress)=0
Configure a new session.
void dtlsTimeout()
Emit this to force the application to call update(), even with empty arguments.
virtual bool eof() const =0
Returns true if the peer has closed the stream.
TLSContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:2306
virtual void shutdown()=0
Sets the session to the shutdown state.
TLS "session" provider.
Definition: qcaprovider.h:2215
TLSSessionContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:2223
Version
Version of TLS or SSL.
Definition: qca_securelayer.h:306
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:41
UsageMode
Specify the intended usage of a certificate.
Definition: qca_cert.h:483
DLGroupSet
Well known discrete logarithm group sets.
Definition: qca_publickey.h:135
CertificateRequestFormat
Certificate Request Format.
Definition: qca_cert.h:54
QList< ConstraintType > Constraints
Certificate constraints type.
Definition: qca_cert.h:590
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:497
EncryptionAlgorithm
Encryption algorithms.
Definition: qca_publickey.h:55
PBEAlgorithm
Password-based encryption.
Definition: qca_publickey.h:103
Direction
Direction settings for symmetric algorithms.
Definition: qca_core.h:141
ValidateFlags
The conditions to validate for a certificate.
Definition: qca_cert.h:517
ConvertResult
Return value from a format conversion.
Definition: qca_publickey.h:119
SignatureAlgorithm
Signature algorithm variants.
Definition: qca_publickey.h:74
SignatureFormat
Signature formats (DSA only)
Definition: qca_publickey.h:93
Header file for classes for cryptographic primitives (basic operations).
Header file for PGP key and X.509 certificate related classes.
Header file for core QCA infrastructure.
Header file for classes that provide and manage keys.
Header file for PublicKey and PrivateKey related classes.
Header file for SecureLayer and its subclasses.
Header file for secure message (PGP, CMS) classes.