qca_securelayer.h

00001 /*
00002  * qca_securelayer.h - Qt Cryptographic Architecture
00003  * Copyright (C) 2003-2007  Justin Karneges <justin@affinix.com>
00004  * Copyright (C) 2004-2006  Brad Hards <bradh@frogmouth.net>
00005  *
00006  * This library is free software; you can redistribute it and/or
00007  * modify it under the terms of the GNU Lesser General Public
00008  * License as published by the Free Software Foundation; either
00009  * version 2.1 of the License, or (at your option) any later version.
00010  *
00011  * This library is distributed in the hope that it will be useful,
00012  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00013  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00014  * Lesser General Public License for more details.
00015  *
00016  * You should have received a copy of the GNU Lesser General Public
00017  * License along with this library; if not, write to the Free Software
00018  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
00019  * 02110-1301  USA
00020  *
00021  */
00022 
00032 #ifndef QCA_SECURELAYER_H
00033 #define QCA_SECURELAYER_H
00034 
00035 #include <QObject>
00036 #include "qca_core.h"
00037 #include "qca_publickey.h"
00038 #include "qca_cert.h"
00039 
00040 namespace QCA {
00041 
/**
 * Coarse cryptographic strength levels.
 *
 * Used by TLS::setConstraints(SecurityLevel) below to bound what a provider
 * may negotiate; the enumerator names suggest an ordering from weakest to
 * strongest, but the concrete key sizes / cipher suites each level maps to
 * are provider-defined and not visible in this header.
 */
enum SecurityLevel
{
        SL_None,      ///< No security requested (no confidentiality, no integrity)
        SL_Integrity, ///< Integrity protection only, per the name -- confirm against provider
        SL_Export,    ///< Historical "export-grade" strength. NOTE(review): treat as insecure for new deployments
        SL_Baseline,  ///< Baseline strength for general use
        SL_High,      ///< High strength
        SL_Highest    ///< Strongest level the provider offers
};
00068 
/**
 * Abstract base for protocol layers that wrap a plaintext channel in a
 * protected one (TLS and SASL derive from it in this header).
 *
 * The interface is transport-agnostic: the application moves bytes in and
 * out itself rather than handing the layer a socket. Judging from the
 * method names, write()/read() carry application (plain) data while
 * writeIncoming()/readOutgoing() carry the protected bytes exchanged with
 * the network -- confirm against the subclass documentation.
 *
 * No destructor is declared here; deletion through a SecureLayer pointer
 * relies on QObject's destructor being virtual.
 */
class QCA_EXPORT SecureLayer : public QObject
{
        Q_OBJECT
public:
        /**
         * Construct the layer.
         * @param parent optional QObject parent that takes ownership
         */
        SecureLayer(QObject *parent = 0);

        /** Whether this layer supports an orderly close(); default implementation provided. */
        virtual bool isClosable() const;

        /** Number of plaintext bytes currently available via read(). */
        virtual int bytesAvailable() const = 0;

        /** Number of protected bytes currently available via readOutgoing(). */
        virtual int bytesOutgoingAvailable() const = 0;

        /** Begin an orderly shutdown of the layer; default implementation provided. */
        virtual void close();

        /**
         * Submit application data to be protected.
         * @param a plaintext to process
         */
        virtual void write(const QByteArray &a) = 0;

        /** Retrieve application data that the layer has unprotected. */
        virtual QByteArray read() = 0;

        /**
         * Feed protected bytes received from the peer into the layer.
         * @param a raw bytes from the transport
         */
        virtual void writeIncoming(const QByteArray &a) = 0;

        /**
         * Retrieve protected bytes to send to the peer.
         * @param plainBytes optional out-parameter; may be null. Pairs with
         *        convertBytesWritten() for accounting -- exact semantics are
         *        defined by the subclass
         */
        virtual QByteArray readOutgoing(int *plainBytes = 0) = 0;

        /**
         * Retrieve any incoming bytes the layer did not consume (e.g. data
         * following a shutdown); default implementation provided.
         */
        virtual QByteArray readUnprocessed();

        /**
         * Map a count of protected bytes written to the transport back to
         * the number of plaintext bytes that accounts for.
         * @param encryptedBytes bytes actually sent on the wire
         * @return corresponding number of plaintext bytes
         */
        virtual int convertBytesWritten(qint64 encryptedBytes) = 0;

Q_SIGNALS:
        /** Plaintext is available from read(). */
        void readyRead();

        /** Protected bytes are available from readOutgoing(). */
        void readyReadOutgoing();

        /** The layer has finished closing. */
        void closed();

        /** An error occurred; subclasses expose the specific code. */
        void error();

private:
        Q_DISABLE_COPY(SecureLayer)
};
00229 
/**
 * Opaque, copyable handle to TLS session state.
 *
 * Obtained from TLS::session() and supplied to TLS::setSession();
 * presumably used for session resumption, though this header does not say.
 * Copy semantics are explicitly provided (Rule of Three: copy constructor,
 * destructor and assignment).
 */
class QCA_EXPORT TLSSession : public Algorithm
{
public:
        /** Construct a null session (see isNull()). */
        TLSSession();

        /**
         * Copy constructor.
         * @param from session to copy
         */
        TLSSession(const TLSSession &from);

        ~TLSSession();

        /**
         * Assignment operator.
         * @param from session to copy
         */
        TLSSession & operator=(const TLSSession &from);

        /** True if this object holds no session state. */
        bool isNull() const;
};
00264 
/**
 * TLS/SSL (Stream mode) and DTLS (Datagram mode) secure layer.
 *
 * Flow visible from this interface: install credentials and trust anchors
 * (setCertificate(), setTrustedCertificates()), optionally restrict strength
 * (setConstraints()), call startClient()/startServer(), then pump bytes
 * through the SecureLayer read/write interface until handshaken() fires.
 *
 * NOTE(review): nothing here states that a completed handshake implies an
 * acceptable peer. Callers should inspect peerIdentityResult() and
 * peerCertificateValidity() after handshaken() before treating the
 * connection as authenticated -- confirm against the provider behaviour.
 */
class QCA_EXPORT TLS : public SecureLayer, public Algorithm
{
        Q_OBJECT
public:
        /** Transport mode the layer operates in. */
        enum Mode
        {
                Stream,  ///< Reliable byte stream (TLS)
                Datagram ///< Datagram transport (DTLS); see the packet*() helpers below
        };

        /**
         * Protocol version identifiers.
         *
         * NOTE(review): SSL_v2 and SSL_v3 are obsolete protocols (SSLv2 is
         * prohibited by RFC 6176, SSLv3 deprecated by RFC 7568); they remain
         * in the enum for API compatibility and should not be enabled. No
         * enumerator exists here for TLS 1.1 or later.
         */
        enum Version
        {
                TLS_v1, ///< TLS 1.0 -- the only TLS version enumerated
                SSL_v3, ///< SSL 3.0 (obsolete)
                SSL_v2, ///< SSL 2.0 (obsolete)
                DTLS_v1 ///< DTLS 1.0
        };

        /** Error codes reported via errorCode() after the error() signal. */
        enum Error
        {
                ErrorSignerExpired,   ///< A signer of the local certificate has expired (per the name)
                ErrorSignerInvalid,   ///< A signer of the local certificate is invalid (per the name)
                ErrorCertKeyMismatch, ///< Certificate and private key given to setCertificate() do not match
                ErrorInit,            ///< Initialisation of the layer failed
                ErrorHandshake,       ///< The handshake failed
                ErrorCrypt            ///< A cryptographic operation failed after the handshake
        };

        /**
         * Outcome of checking the peer's identity; see peerIdentityResult().
         * HostMismatch presumably relates to the host passed to startClient().
         */
        enum IdentityResult
        {
                Valid,              ///< Peer presented a certificate matching the expected identity
                HostMismatch,       ///< Certificate does not match the requested host name
                InvalidCertificate, ///< Certificate failed validation (see peerCertificateValidity())
                NoCertificate       ///< Peer presented no certificate
        };

        /**
         * Construct a TLS layer; the mode used by this overload is not
         * stated in this header (presumably Stream -- confirm).
         * @param parent   optional QObject parent
         * @param provider optional provider name
         */
        explicit TLS(QObject *parent = 0, const QString &provider = QString());

        /**
         * Construct a TLS layer in the given mode.
         * @param mode     Stream or Datagram
         * @param parent   optional QObject parent
         * @param provider optional provider name
         */
        explicit TLS(Mode mode, QObject *parent = 0, const QString &provider = QString());

        ~TLS();

        /** Return the object to its initial, unconfigured state. */
        void reset();

        /**
         * Cipher suites the provider supports for a protocol version.
         * @param version protocol version to query (defaults to TLS_v1)
         */
        QStringList supportedCipherSuites(const Version &version = TLS_v1) const;

        /**
         * Set the local certificate chain and matching private key.
         * A mismatch is reported as ErrorCertKeyMismatch.
         * @param cert chain presented to the peer
         * @param key  private key for the leaf certificate
         */
        void setCertificate(const CertificateChain &cert, const PrivateKey &key);

        /**
         * Set the local certificate and key from a KeyBundle.
         * @param kb bundle containing chain and private key
         */
        void setCertificate(const KeyBundle &kb);

        /** Trust anchors currently used to validate the peer. */
        CertificateCollection trustedCertificates() const;

        /**
         * Set the trust anchors used to validate the peer's certificate.
         * @param trusted CA certificates to trust
         */
        void setTrustedCertificates(const CertificateCollection &trusted);

        /**
         * Constrain negotiation by coarse security level.
         * @param s minimum SecurityLevel to accept
         */
        void setConstraints(SecurityLevel s);

        /**
         * Constrain negotiation by security strength factor range.
         * @param minSSF minimum strength
         * @param maxSSF maximum strength
         */
        void setConstraints(int minSSF, int maxSSF);

        /**
         * Constrain negotiation to an explicit list of cipher suites.
         * @param cipherSuiteList suite names (see supportedCipherSuites())
         */
        void setConstraints(const QStringList &cipherSuiteList);

        /** Issuer names (presumably those acceptable for client certificates). */
        QList<CertificateInfoOrdered> issuerList() const;

        /**
         * Set the issuer list.
         * @param issuers issuer names
         */
        void setIssuerList(const QList<CertificateInfoOrdered> &issuers);

        /**
         * Supply a previously obtained session, e.g. from session().
         * @param session session state to reuse
         */
        void setSession(const TLSSession &session);

        /** Whether the provider supports TLS compression. */
        bool canCompress() const;

        /** Whether the provider supports setting a host name (see startClient()). */
        bool canSetHostName() const;

        /** Whether compression has been requested via setCompressionEnabled(). */
        bool compressionEnabled() const;

        /**
         * Request or disable compression.
         * NOTE(review): TLS-level compression is known to leak plaintext
         * (CRIME-style attacks); prefer leaving it disabled.
         * @param b true to enable
         */
        void setCompressionEnabled(bool b);

        /** Host name associated with this connection (see hostNameReceived()). */
        QString hostName() const;

        /**
         * Start as a client.
         * @param host expected server host name; empty means none is supplied.
         *        Appears to drive the HostMismatch check -- confirm
         */
        void startClient(const QString &host = QString());

        /** Start as a server. */
        void startServer();

        /**
         * Resume the handshake after a signal that paused it (see the
         * hostNameReceived() / certificateRequested() /
         * peerCertificateAvailable() signals).
         */
        void continueAfterStep();

        /** True once the handshake has completed. */
        bool isHandshaken() const;

        /** True if compression was actually negotiated. */
        bool isCompressed() const;

        /** Protocol version negotiated. */
        Version version() const;

        /** Name of the cipher suite negotiated. */
        QString cipherSuite() const;

        /** Key strength, in bits, of the negotiated cipher. */
        int cipherBits() const;

        /** Maximum key strength, in bits, the negotiated cipher supports. */
        int cipherMaxBits() const;

        /** Session state, suitable for a later setSession(). */
        TLSSession session() const;

        /** Error code from the most recent error() signal. */
        Error errorCode() const;

        /** Result of the peer identity check; see IdentityResult. */
        IdentityResult peerIdentityResult() const;

        /** Validity status of the peer's certificate chain. */
        Validity peerCertificateValidity() const;

        /** Certificate chain installed via setCertificate(). */
        CertificateChain localCertificateChain() const;

        /** Private key installed via setCertificate(). */
        PrivateKey localPrivateKey() const;

        /** Certificate chain presented by the peer. */
        CertificateChain peerCertificateChain() const;

        // reimplemented from SecureLayer
        virtual bool isClosable() const;
        virtual int bytesAvailable() const;
        virtual int bytesOutgoingAvailable() const;
        virtual void close();
        virtual void write(const QByteArray &a);
        virtual QByteArray read();
        virtual void writeIncoming(const QByteArray &a);
        virtual QByteArray readOutgoing(int *plainBytes = 0);
        virtual QByteArray readUnprocessed();
        virtual int convertBytesWritten(qint64 encryptedBytes);

        /** Number of plaintext packets available; presumably Datagram mode only. */
        int packetsAvailable() const;

        /** Number of outgoing packets available; presumably Datagram mode only. */
        int packetsOutgoingAvailable() const;

        /** Current packet MTU. */
        int packetMTU() const;

        /**
         * Set the packet MTU.
         * Declared const; presumably mutates state through the d-pointer.
         * @param size MTU in bytes
         */
        void setPacketMTU(int size) const;

Q_SIGNALS:
        /** The host name became known (see hostName()); presumably pauses until continueAfterStep(). */
        void hostNameReceived();

        /** A certificate was requested; presumably pauses until continueAfterStep(). */
        void certificateRequested();

        /** The peer's certificate chain is available; presumably pauses until continueAfterStep(). */
        void peerCertificateAvailable();

        /** The handshake completed. See the class note about verifying the peer afterwards. */
        void handshaken();

protected:
        /**
         * QObject hook (Qt 4-era const char* signature) invoked when a
         * signal is connected.
         * @param signal normalized signal signature
         */
        void connectNotify(const char *signal);

        /**
         * QObject hook invoked when a signal is disconnected.
         * @param signal normalized signal signature
         */
        void disconnectNotify(const char *signal);

private:
        Q_DISABLE_COPY(TLS)

        class Private;
        friend class Private;
        Private *d; ///< implementation pointer (pimpl)
};
00803 
00831 class QCA_EXPORT SASL : public SecureLayer, public Algorithm
00832 {
00833         Q_OBJECT
00834 public:
00838         enum