1 /*
2  * qcaprovider.h - QCA Plugin API
3  * Copyright (C) 2003-2007 Justin Karneges <justin@affinix.com>
4  * Copyright (C) 2004,2005 Brad Hards <bradh@frogmouth.net>
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19  * 02110-1301 USA
20  *
21  */
22 
33 #ifndef QCAPROVIDER_H
34 #define QCAPROVIDER_H
35 
36 #include "qca_core.h"
37 #include "qca_basic.h"
38 #include "qca_publickey.h"
39 #include "qca_cert.h"
40 #include "qca_keystore.h"
41 #include "qca_securelayer.h"
42 #include "qca_securemessage.h"
43 
44 #include <limits>
45 
46 #ifndef DOXYGEN_NO_PROVIDER_API
47 
/**
 * Provider plugin base class.
 *
 * The interface a loadable QCA plugin exposes so the core can obtain
 * its Provider (see the Q_DECLARE_INTERFACE registration below).
 */
class QCA_EXPORT QCAPlugin
{
public:
    /// Destructs the object. Virtual so a plugin is destroyed correctly
    /// through a pointer to this base.
    virtual ~QCAPlugin() {}

    /// Returns a newly allocated Provider instance.
    /// NOTE(review): ownership of the returned object is not stated on this
    /// declaration — confirm against the loader before deleting it.
    virtual QCA::Provider *createProvider() = 0;
};
95 
96 Q_DECLARE_INTERFACE(QCAPlugin, "com.affinix.qca.Plugin/1.0")
97 
98 namespace QCA {
99 
/**
 * Extended provider information.
 *
 * The three list methods are declared non-pure without an inline body, so
 * their defaults are defined out of line (not on this page).
 */
class QCA_EXPORT InfoContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "info".
    InfoContext(Provider *p) : BasicContext(p, QStringLiteral("info") ) {}

    /// The hash algorithms supported by the provider.
    virtual QStringList supportedHashTypes() const;

    /// The cipher algorithms supported by the provider.
    virtual QStringList supportedCipherTypes() const;

    /// The mac algorithms supported by the provider.
    virtual QStringList supportedMACTypes() const;
};
136 
/**
 * Random number provider.
 *
 * NOTE(review): nothing on this declaration constrains the quality of the
 * source; a provider implementing it for key or IV material must draw from a
 * cryptographically secure generator — confirm per provider.
 */
class QCA_EXPORT RandomContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "random".
    RandomContext(Provider *p) : BasicContext(p, QStringLiteral("random")) {}

    /// Returns @p size bytes from the provider's random source as a SecureArray.
    virtual SecureArray nextBytes(int size) = 0;
};
165 
/**
 * Hash provider.
 *
 * One context implements one hash algorithm, named by @p type.
 */
class QCA_EXPORT HashContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    HashContext(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Reset the object to its initial state.
    virtual void clear() = 0;

    /// Process a chunk of data.
    virtual void update(const MemoryRegion &a) = 0;

    /// Completes the hash and returns the digest.
    /// NOTE(review): whether the context is reusable afterwards without
    /// clear() is not stated here — confirm against the provider.
    virtual MemoryRegion final() = 0;
};
205 
/**
 * Cipher provider.
 *
 * One context implements one cipher/mode combination, named by @p type.
 */
class QCA_EXPORT CipherContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    CipherContext(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Set up the object for encrypt/decrypt. @p tag is the expected
    /// authentication tag for modes that have one.
    virtual void setup(Direction dir, const SymmetricKey &key, const InitializationVector &iv, const AuthTag &tag) = 0;

    /// Returns the KeyLength for this cipher.
    virtual KeyLength keyLength() const = 0;

    /// Returns the block size for this cipher.
    virtual int blockSize() const = 0;

    /// Returns the authentication tag for this cipher.
    virtual AuthTag tag() const = 0;

    /// Process a chunk of data; output is written to *out.
    /// @return false on failure (meaning of failure is provider-defined).
    virtual bool update(const SecureArray &in, SecureArray *out) = 0;

    /// Finish processing, writing any remaining output to *out.
    /// NOTE(review): for authenticated modes a false return presumably means
    /// the tag did not verify; callers should then discard *out — confirm.
    virtual bool final(SecureArray *out) = 0;
};
271 
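/**
 * Message authentication code provider.
 *
 * One context implements one MAC algorithm, named by @p type.
 */
class QCA_EXPORT MACContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    MACContext(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Set up the object with the key to authenticate with.
    virtual void setup(const SymmetricKey &key) = 0;

    /// Returns the KeyLength accepted by this MAC.
    virtual KeyLength keyLength() const = 0;

    /// Process a chunk of data.
    virtual void update(const MemoryRegion &in) = 0;

    /// Finish processing and write the MAC value to *out.
    virtual void final(MemoryRegion *out) = 0;

protected:
    /**
     * Returns a KeyLength that accepts any length.
     *
     * This is offered as a helper rather than as the default keyLength() so
     * that provider authors make a conscious choice (Meyers, Effective C++
     * 2nd Ed, Item 36). Note the minimum of 0: a provider returning this from
     * keyLength() accepts an empty key, so algorithms with a real lower bound
     * should return their own limits instead.
     *
     * (Signature line absent from this rendering; restored to the upstream
     * declaration.)
     */
    KeyLength anyKeyLength() const
    {
        // <limits> is what this header includes; INT_MAX would need <climits>.
        return KeyLength(0, std::numeric_limits<int>::max(), 1);
    }
};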
332 
/**
 * Key derivation function provider.
 *
 * One context implements one KDF, named by @p type.
 */
class QCA_EXPORT KDFContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    KDFContext(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Derive a key of @p keyLength bytes from @p secret and @p salt using
    /// @p iterationCount rounds, and return it.
    virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, unsigned int keyLength, unsigned int iterationCount) = 0;

    /// Time-budgeted variant. NOTE(review): parameter names suggest it
    /// iterates for @p msecInterval and reports the rounds used through
    /// *iterationCount, so callers can store that count — confirm.
    virtual SymmetricKey makeKey(const SecureArray &secret,
                                 const InitializationVector &salt,
                                 unsigned int keyLength,
                                 int msecInterval,
                                 unsigned int *iterationCount) = 0;
};
381 
/**
 * HKDF provider.
 */
class QCA_EXPORT HKDFContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    HKDFContext(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Create a key and return it. @p info is the HKDF context/application
    /// input alongside @p salt; @p keyLength is the requested output length.
    virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt,
                                 const InitializationVector &info, unsigned int keyLength) = 0;
};
415 
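/**
 * Discrete logarithm provider.
 *
 * Produces P, Q and G values for a DLGroupSet, either blocking or
 * asynchronously with finished() emitted on completion.
 */
class QCA_EXPORT DLGroupContext : public Provider::Context
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "dlgroup".
    DLGroupContext(Provider *p) : Provider::Context(p, QStringLiteral("dlgroup")) {}

    /// The DLGroupSets supported by this object.
    /// (Declaration was dropped by this rendering; restored from the page's
    /// own member index.)
    virtual QList<DLGroupSet> supportedGroupSets() const = 0;

    /// Returns true if there is a result to obtain.
    virtual bool isNull() const = 0;

    /// Attempt to create P, Q, and G values from the specified group set.
    /// With @p block false the result is signalled via finished().
    virtual void fetchGroup(DLGroupSet set, bool block) = 0;

    /// Obtain the result of the operation, written to *p, *q and *g.
    virtual void getResult(BigInteger *p, BigInteger *q, BigInteger *g) const = 0;

Q_SIGNALS:
    /// Emitted when the fetchGroup() operation completes in non-blocking mode.
    void finished();
};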
479 
/**
 * Public key implementation provider base.
 *
 * The non-pure virtuals below (maximumEncryptSize, decrypt, startSign, ...)
 * have out-of-line defaults not shown on this page.
 * NOTE(review): a declaration between bits() and decrypt() is missing from
 * this rendering.
 */
class QCA_EXPORT PKeyBase : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor (defined out of line).
    PKeyBase(Provider *p, const QString &type);

    /// Returns true if this object holds no key.
    virtual bool isNull() const = 0;

    /// Returns the type of key held.
    virtual PKey::Type type() const = 0;

    /// Returns true if this is a private key.
    virtual bool isPrivate() const = 0;

    /// Returns true if the key material may be exported.
    virtual bool canExport() const = 0;

    /// Drop the private component, leaving a public key.
    virtual void convertToPublic() = 0;

    /// Returns the key size in bits.
    virtual int bits() const = 0;

    /// Returns the largest plaintext size encryptable with @p alg.
    virtual int maximumEncryptSize(EncryptionAlgorithm alg) const;

    /// Decrypt @p in into *out using @p alg. @return false on failure.
    virtual bool decrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg);

    /// Begin a signing operation.
    virtual void startSign(SignatureAlgorithm alg, SignatureFormat format);

    /// Begin a verification operation.
    virtual void startVerify(SignatureAlgorithm alg, SignatureFormat format);

    /// Process a chunk of data for the current sign/verify operation.
    virtual void update(const MemoryRegion &in);

    /// Complete the signing operation and return the signature.
    virtual QByteArray endSign();

    /// Complete the verification operation.
    /// The returned bool is the verdict; callers must not discard it.
    virtual bool endVerify(const QByteArray &sig);

    /// Derive a shared key with the other party's key @p theirs.
    virtual SymmetricKey deriveKey(const PKeyBase &theirs);

Q_SIGNALS:
    /// Emitted when a non-blocking operation completes.
    /// NOTE(review): which operations are asynchronous is not shown here.
    void finished();
};
623 
/**
 * RSA provider.
 *
 * Component accessors use the usual RSA notation: n modulus, e public
 * exponent, p/q primes, d private exponent.
 */
class QCA_EXPORT RSAContext : public PKeyBase
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "rsa".
    RSAContext(Provider *p) : PKeyBase(p, QStringLiteral("rsa")) {}

    /// Generate an RSA private key of @p bits with public exponent @p exp.
    /// NOTE(review): with @p block false, completion is presumably reported
    /// via PKeyBase::finished() — confirm.
    virtual void createPrivate(int bits, int exp, bool block) = 0;

    /// Create an RSA private key based on its numeric components.
    virtual void createPrivate(const BigInteger &n, const BigInteger &e, const BigInteger &p, const BigInteger &q, const BigInteger &d) = 0;

    /// Create an RSA public key based on its numeric components.
    virtual void createPublic(const BigInteger &n, const BigInteger &e) = 0;

    /// Returns the public N component (modulus).
    virtual BigInteger n() const = 0;

    /// Returns the public E component (exponent).
    virtual BigInteger e() const = 0;

    /// Returns the private P component.
    virtual BigInteger p() const = 0;

    /// Returns the private Q component.
    virtual BigInteger q() const = 0;

    /// Returns the private D component.
    virtual BigInteger d() const = 0;
};
706 
/**
 * DSA provider.
 */
class QCA_EXPORT DSAContext : public PKeyBase
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "dsa".
    DSAContext(Provider *p) : PKeyBase(p, QStringLiteral("dsa")) {}

    /// Generate a DSA private key in @p domain.
    virtual void createPrivate(const DLGroup &domain, bool block) = 0;

    /// Create a DSA private key based on its numeric components.
    virtual void createPrivate(const DLGroup &domain, const BigInteger &y, const BigInteger &x) = 0;

    /// Create a DSA public key based on its numeric components.
    virtual void createPublic(const DLGroup &domain, const BigInteger &y) = 0;

    /// Returns the public domain component of this DSA key.
    virtual DLGroup domain() const = 0;

    /// Returns the public Y component of this DSA key.
    virtual BigInteger y() const = 0;

    /// Returns the private X component of this DSA key.
    virtual BigInteger x() const = 0;
};
776 
/**
 * Diffie-Hellman provider.
 */
class QCA_EXPORT DHContext : public PKeyBase
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "dh".
    DHContext(Provider *p) : PKeyBase(p, QStringLiteral("dh")) {}

    /// Generate a Diffie-Hellman private key in @p domain.
    virtual void createPrivate(const DLGroup &domain, bool block) = 0;

    /// Create a Diffie-Hellman private key based on its numeric components.
    virtual void createPrivate(const DLGroup &domain, const BigInteger &y, const BigInteger &x) = 0;

    /// Create a Diffie-Hellman public key based on its numeric components.
    virtual void createPublic(const DLGroup &domain, const BigInteger &y) = 0;

    /// Returns the public domain component of this Diffie-Hellman key.
    virtual DLGroup domain() const = 0;

    /// Returns the public Y component of this Diffie-Hellman key.
    virtual BigInteger y() const = 0;

    /// Returns the private X component of this Diffie-Hellman key.
    virtual BigInteger x() const = 0;
};
848 
/**
 * Public key container provider.
 *
 * Wraps a PKeyBase and provides DER/PEM import and export. The conversion
 * methods are non-pure; their defaults are defined out of line.
 * NOTE(review): a declaration between supportedIOTypes() and key() is
 * missing from this rendering.
 */
class QCA_EXPORT PKeyContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "pkey".
    PKeyContext(Provider *p) : BasicContext(p, QStringLiteral("pkey")) {}

    /// Key types this provider can hold.
    virtual QList<PKey::Type> supportedTypes() const = 0;

    /// Key types this provider can import/export.
    virtual QList<PKey::Type> supportedIOTypes() const = 0;

    /// Returns the contained key.
    virtual PKeyBase *key() = 0;

    /// Returns the contained key (const).
    virtual const PKeyBase *key() const = 0;

    /// Replace the contained key with @p key.
    /// NOTE(review): ownership transfer is not stated here — confirm.
    virtual void setKey(PKeyBase *key) = 0;

    /// Import a key from another context. @return false on failure.
    virtual bool importKey(const PKeyBase *key) = 0;

    /// Export the public key in DER format.
    virtual QByteArray publicToDER() const;

    /// Export the public key in PEM format.
    virtual QString publicToPEM() const;

    /// Import a public key from DER.
    virtual ConvertResult publicFromDER(const QByteArray &a);

    /// Import a public key from PEM.
    virtual ConvertResult publicFromPEM(const QString &s);

    /// Export the private key in DER, protected with @p passphrase via @p pbe.
    virtual SecureArray privateToDER(const SecureArray &passphrase, PBEAlgorithm pbe) const;

    /// Export the private key in PEM, protected with @p passphrase via @p pbe.
    virtual QString privateToPEM(const SecureArray &passphrase, PBEAlgorithm pbe) const;

    /// Import a private key from DER, unlocking with @p passphrase.
    virtual ConvertResult privateFromDER(const SecureArray &a, const SecureArray &passphrase);

    /// Import a private key from PEM, unlocking with @p passphrase.
    virtual ConvertResult privateFromPEM(const QString &s, const SecureArray &passphrase);
};
1002 
/**
 * X.509 certificate and certificate request provider base.
 */
class QCA_EXPORT CertBase : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    CertBase(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Convert this object to DER format, and return the value.
    virtual QByteArray toDER() const = 0;

    /// Convert this object to PEM format, and return the value.
    virtual QString toPEM() const = 0;

    /// Read DER-formatted input and convert it into this object.
    virtual ConvertResult fromDER(const QByteArray &a) = 0;

    /// Read PEM-formatted input and convert it into this object.
    virtual ConvertResult fromPEM(const QString &s) = 0;
};
1060 
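/**
 * X.509 certificate or certificate request properties.
 *
 * A passive property bag filled in by a CertContext/CSRContext provider.
 * Members that this rendering dropped are restored from the page's member
 * index. The scalar members carry explicit defaults so a provider that
 * fails to set one yields the conservative value (for example isCA is
 * false, not indeterminate).
 */
class QCA_EXPORT CertContextProps
{
public:
    /// The X.509 certificate version, usually 3.
    int version = 0;

    /// The time the certificate becomes valid (often the time of create)
    QDateTime start;

    /// The time the certificate expires.
    QDateTime end;

    /// The subject information.
    CertificateInfoOrdered subject;

    /// The issuer information.
    CertificateInfoOrdered issuer;

    /// The constraints.
    Constraints constraints;

    /// The policies.
    QStringList policies;

    /// A list of URIs for CRLs.
    QStringList crlLocations;

    /// A list of URIs for issuer certificates.
    QStringList issuerLocations;

    /// A list of URIs for OCSP services.
    QStringList ocspLocations;

    /// The certificate serial number.
    BigInteger serial;

    /// True if the certificate is a CA or the certificate request is
    /// requesting to be a CA.
    bool isCA = false;

    /// True if the certificate is self-signed.
    bool isSelfSigned = false;

    /// The path limit.
    int pathLimit = 0;

    /// The signature data.
    QByteArray sig;

    /// The signature algorithm used to create the signature.
    SignatureAlgorithm sigalgo;

    /// The subject id.
    QByteArray subjectId;

    /// The issuer id.
    QByteArray issuerId;

    /// The SPKAC challenge value.
    QString challenge;

    /// The format used for the certificate request.
    CertificateRequestFormat format;
};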
1205 
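/**
 * X.509 certificate revocation list properties.
 *
 * A passive property bag filled in by a CRLContext provider. Members that
 * this rendering dropped are restored from the page's member index; the
 * scalar member has an explicit default.
 */
class QCA_EXPORT CRLContextProps
{
public:
    /// The issuer information of the CRL.
    CertificateInfoOrdered issuer;

    /// The CRL number, which increases at each update.
    int number = 0;

    /// The time this CRL was created.
    QDateTime thisUpdate;

    /// The time this CRL expires, and the next CRL should be fetched.
    QDateTime nextUpdate;

    /// The revoked entries.
    QList<CRLEntry> revoked;

    /// The signature data of the CRL.
    QByteArray sig;

    /// The signature algorithm used by the issuer to sign the CRL.
    SignatureAlgorithm sigalgo;

    /// The issuer id.
    QByteArray issuerId;
};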
1261 
1262 class CRLContext;
1263 
/**
 * X.509 certificate provider.
 */
class QCA_EXPORT CertContext : public CertBase
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "cert".
    CertContext(Provider *p) : CertBase(p, QStringLiteral("cert")) {}

    /// Create a self-signed certificate based on the given options and
    /// private key. @return false on failure.
    virtual bool createSelfSigned(const CertificateOptions &opts, const PKeyContext &priv) = 0;

    /// Returns a pointer to the properties of this certificate.
    virtual const CertContextProps *props() const = 0;

    /// Returns true if this certificate is equal to another certificate,
    /// otherwise false.
    virtual bool compare(const CertContext *other) const = 0;

    /// Returns a copy of this certificate's public key.
    virtual PKeyContext *subjectPublicKey() const = 0;

    /// Returns true if this certificate is an issuer of another certificate,
    /// otherwise false.
    virtual bool isIssuerOf(const CertContext *other) const = 0;

    /// Validate this certificate against @p trusted anchors, using
    /// @p untrusted as candidate intermediates and @p crls for revocation,
    /// for usage @p u under flags @p vf.
    virtual Validity validate(const QList<CertContext*> &trusted, const QList<CertContext*> &untrusted, const QList<CRLContext*> &crls, UsageMode u, ValidateFlags vf) const = 0;

    /// Validate a certificate chain (@p chain, leaf first presumably —
    /// NOTE(review): ordering is not stated here) against @p trusted.
    virtual Validity validate_chain(const QList<CertContext*> &chain, const QList<CertContext*> &trusted, const QList<CRLContext*> &crls, UsageMode u, ValidateFlags vf) const = 0;
};
1355 
/**
 * X.509 certificate request provider.
 */
class QCA_EXPORT CSRContext : public CertBase
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "csr".
    CSRContext(Provider *p) : CertBase(p, QStringLiteral("csr")) {}

    /// Returns true if the provider of this object supports the specified
    /// format, otherwise false.
    virtual bool canUseFormat(CertificateRequestFormat f) const = 0;

    /// Create a certificate request based on the given options and private key.
    virtual bool createRequest(const CertificateOptions &opts, const PKeyContext &priv) = 0;

    /// Returns a pointer to the properties of this certificate request.
    virtual const CertContextProps *props() const = 0;

    /// Returns true if this certificate request is equal to another
    /// certificate request, otherwise false.
    virtual bool compare(const CSRContext *other) const = 0;

    /// Returns a copy of this certificate request's public key.
    virtual PKeyContext *subjectPublicKey() const = 0;

    /// Convert this certificate request to Netscape SPKAC format, and return
    /// the value.
    virtual QString toSPKAC() const = 0;

    /// Read Netscape SPKAC input and convert it into a certificate request.
    virtual ConvertResult fromSPKAC(const QString &s) = 0;
};
1437 
/**
 * X.509 certificate revocation list provider.
 */
class QCA_EXPORT CRLContext : public CertBase
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "crl".
    CRLContext(Provider *p) : CertBase(p, QStringLiteral("crl")) {}

    /// Returns a pointer to the properties of this CRL.
    virtual const CRLContextProps *props() const = 0;

    /// Returns true if this CRL is equal to another CRL, otherwise false.
    virtual bool compare(const CRLContext *other) const = 0;
};
1471 
/**
 * X.509 certificate collection provider.
 */
class QCA_EXPORT CertCollectionContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type
    /// "certcollection".
    CertCollectionContext(Provider *p) : BasicContext(p, QStringLiteral("certcollection")) {}

    /// Create PKCS#7 DER output based on the input certificates and CRLs.
    virtual QByteArray toPKCS7(const QList<CertContext*> &certs, const QList<CRLContext*> &crls) const = 0;

    /// Read PKCS#7 DER input and convert it into a list of certificates and
    /// CRLs, appended to *certs and *crls.
    virtual ConvertResult fromPKCS7(const QByteArray &a, QList<CertContext*> *certs, QList<CRLContext*> *crls) const = 0;
};
1519 
/**
 * X.509 certificate authority provider.
 *
 * Every factory method returns a freshly created context; the signatures do
 * not state who owns the result — NOTE(review): confirm before storing.
 */
class QCA_EXPORT CAContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "ca".
    CAContext(Provider *p) : BasicContext(p, QStringLiteral("ca")) {}

    /// Prepare the object for usage with the CA certificate and its key.
    virtual void setup(const CertContext &cert, const PKeyContext &priv) = 0;

    /// Returns a copy of the CA's certificate.
    virtual CertContext *certificate() const = 0;

    /// Issue a certificate based on a certificate request, and return the
    /// certificate.
    virtual CertContext *signRequest(const CSRContext &req, const QDateTime &notValidAfter) const = 0;

    /// Issue a certificate based on a public key and options, and return the
    /// certificate.
    virtual CertContext *createCertificate(const PKeyContext &pub, const CertificateOptions &opts) const = 0;

    /// Create a new CRL and return it.
    virtual CRLContext *createCRL(const QDateTime &nextUpdate) const = 0;

    /// Update an existing CRL, by examining an old one and creating a new one
    /// based on it.
    virtual CRLContext *updateCRL(const CRLContext &crl, const QList<CRLEntry> &entries, const QDateTime &nextUpdate) const = 0;
};
1597 
/**
 * PKCS#12 provider.
 */
class QCA_EXPORT PKCS12Context : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "pkcs12".
    PKCS12Context(Provider *p) : BasicContext(p, QStringLiteral("pkcs12")) {}

    /// Serialize @p name, certificate @p chain and private key @p priv into a
    /// PKCS#12 blob protected by @p passphrase.
    virtual QByteArray toPKCS12(const QString &name, const QList<const CertContext*> &chain, const PKeyContext &priv, const SecureArray &passphrase) const = 0;

    /// Parse a PKCS#12 blob using @p passphrase, filling *name, *chain and
    /// *priv. NOTE(review): the out-params are newly created contexts whose
    /// ownership is not stated here — confirm.
    virtual ConvertResult fromPKCS12(const QByteArray &in, const SecureArray &passphrase, QString *name, QList<CertContext*> *chain, PKeyContext **priv) const = 0;
};
1647 
/**
 * OpenPGP key properties.
 *
 * NOTE(review): one or more members after fingerprint are missing from this
 * rendering.
 */
class QCA_EXPORT PGPKeyContextProps
{
public:
    /// The key id.
    QString keyId;

    /// The user ids bound to the key.
    QStringList userIds;

    /// True if this is a secret key.
    bool isSecret;

    /// When the key was created.
    QDateTime creationDate;

    /// When the key expires.
    QDateTime expirationDate;

    /// The key fingerprint.
    QString fingerprint;
};
1708 
/**
 * OpenPGP key provider.
 */
class QCA_EXPORT PGPKeyContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "pgpkey".
    PGPKeyContext(Provider *p) : BasicContext(p, QStringLiteral("pgpkey")) {}

    /// Returns a pointer to the properties of this key.
    virtual const PGPKeyContextProps *props() const = 0;

    /// Convert this key to binary form, and return the value.
    virtual QByteArray toBinary() const = 0;

    /// Convert this key to ASCII (armored) form, and return the value.
    virtual QString toAscii() const = 0;

    /// Read binary input and convert it into this key.
    virtual ConvertResult fromBinary(const QByteArray &a) = 0;

    /// Read ASCII input and convert it into this key.
    virtual ConvertResult fromAscii(const QString &s) = 0;
};
1765 
/**
 * KeyStoreEntry provider.
 *
 * The non-pure virtuals (isAvailable, keyBundle, certificate, crl,
 * pgpSecretKey, pgpPublicKey, ensureAccess) have out-of-line defaults.
 */
class QCA_EXPORT KeyStoreEntryContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type
    /// "keystoreentry".
    KeyStoreEntryContext(Provider *p) : BasicContext(p, QStringLiteral("keystoreentry")) {}

    /// Returns the entry type.
    virtual KeyStoreEntry::Type type() const = 0;

    /// Returns the entry id.
    virtual QString id() const = 0;

    /// Returns the entry name.
    virtual QString name() const = 0;

    /// Returns the id of the store this entry belongs to.
    virtual QString storeId() const = 0;

    /// Returns the name of the store this entry belongs to.
    virtual QString storeName() const = 0;

    /// Returns whether the entry is currently available.
    virtual bool isAvailable() const;

    /// Returns a string form of the entry that entryPassive() can restore.
    virtual QString serialize() const = 0;

    /// Returns the key bundle, if the entry holds one.
    virtual KeyBundle keyBundle() const;

    /// Returns the certificate, if the entry holds one.
    virtual Certificate certificate() const;

    /// Returns the CRL, if the entry holds one.
    virtual CRL crl() const;

    /// Returns the PGP secret key, if the entry holds one.
    virtual PGPKey pgpSecretKey() const;

    /// Returns the PGP public key, if the entry holds one.
    virtual PGPKey pgpPublicKey() const;

    /// Attempt to make the entry usable (e.g. unlock it).
    /// @return false if access could not be obtained.
    virtual bool ensureAccess();
};
1871 
/**
 * KeyStore provider.
 *
 * Stores are addressed by an integer id handed out by keyStores(). The
 * non-pure virtuals have out-of-line defaults.
 * NOTE(review): a declaration between entryTypes() and entry() is missing
 * from this rendering.
 */
class QCA_EXPORT KeyStoreListContext : public Provider::Context
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type
    /// "keystorelist".
    KeyStoreListContext(Provider *p) : Provider::Context(p, QStringLiteral("keystorelist")) {}

    /// Start the store list; stores become known afterwards.
    virtual void start();

    /// Enable or disable emission of update signals.
    virtual void setUpdatesEnabled(bool enabled);

    /// Returns the ids of the currently known stores.
    virtual QList<int> keyStores() = 0;

    /// Returns the type of store @p id.
    virtual KeyStore::Type type(int id) const = 0;

    /// Returns the string id of store @p id.
    virtual QString storeId(int id) const = 0;

    /// Returns the display name of store @p id.
    virtual QString name(int id) const = 0;

    /// Returns whether store @p id is read-only.
    virtual bool isReadOnly(int id) const;

    /// Returns the entry types store @p id can hold.
    virtual QList<KeyStoreEntry::Type> entryTypes(int id) const = 0;

    /// Returns the entry @p entryId of store @p id.
    virtual KeyStoreEntryContext *entry(int id, const QString &entryId);

    /// Restore an entry from its serialize()d form without a live store.
    virtual KeyStoreEntryContext *entryPassive(const QString &serialized);

    /// Write a key bundle into store @p id; returns the new entry id.
    virtual QString writeEntry(int id, const KeyBundle &kb);

    /// Write a certificate into store @p id; returns the new entry id.
    virtual QString writeEntry(int id, const Certificate &cert);

    /// Write a CRL into store @p id; returns the new entry id.
    virtual QString writeEntry(int id, const CRL &crl);

    /// Write a PGP key into store @p id; returns the new entry id.
    virtual QString writeEntry(int id, const PGPKey &key);

    /// Remove entry @p entryId from store @p id. @return false on failure.
    virtual bool removeEntry(int id, const QString &entryId);

Q_SIGNALS:
    /// Emitted when the provider starts a long-running operation.
    void busyStart();

    /// Emitted when the long-running operation ends.
    void busyEnd();

    /// Emitted when the set of stores has changed.
    void updated();

    /// Emitted with diagnostic text from the provider.
    void diagnosticText(const QString &str);

    /// Emitted when the contents of store @p id have changed.
    void storeUpdated(int id);
};
2109 
/**
 * TLS session provider.
 *
 * An opaque handle a provider uses to carry session-resumption state; it
 * declares no members of its own.
 */
class QCA_EXPORT TLSSessionContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor; registers the context under the type "tlssession".
    TLSSessionContext(Provider *p) : BasicContext(p, QStringLiteral("tlssession")) {}
};
2131 
/**
 * TLS provider.
 *
 * NOTE(review): this rendering is incomplete here. The nested class whose
 * body opens below lost its name line (sessionInfo() returns `SessionInfo`,
 * so that is presumably it) and several of its members; enum Result lost
 * the enumerators before Continue; two declarations after
 * certificateRequested()/peerCertificateValidity() and one signal before
 * dtlsTimeout() are absent.
 */
class QCA_EXPORT TLSContext : public Provider::Context
{
    Q_OBJECT
public:
    {
    public:
        /// The negotiated cipher suite name.
        QString cipherSuite;
    };

    /// Outcome of the last update()/waitForResultsReady() round.
    enum Result
    {
        Continue
    };

    /// Standard constructor.
    TLSContext(Provider *p, const QString &type) : Provider::Context(p, type) {}

    /// Reset the object to its initial state.
    virtual void reset() = 0;

    /// Returns the cipher suites available for @p version.
    virtual QStringList supportedCipherSuites(const TLS::Version &version) const = 0;

    /// Returns true if the provider supports TLS compression.
    virtual bool canCompress() const = 0;

    /// Returns true if the provider can send a host name (server name
    /// indication / host checking) — confirm which.
    virtual bool canSetHostName() const = 0;

    /// Returns the maximum security strength factor the provider offers.
    virtual int maxSSF() const = 0;

    /// Prepare the object: server or client mode, the host name to use, and
    /// whether to compress. NOTE(review): whether @p hostName is verified
    /// against the peer certificate is not stated here — confirm.
    virtual void setup(bool serverMode, const QString &hostName, bool compress) = 0;

    /// Constrain the negotiated security strength to [minSSF, maxSSF].
    virtual void setConstraints(int minSSF, int maxSSF) = 0;

    /// Constrain negotiation to the listed cipher suites.
    virtual void setConstraints(const QStringList &cipherSuiteList) = 0;

    /// Set the certificates to trust when validating the peer.
    virtual void setTrustedCertificates(const CertificateCollection &trusted) = 0;

    /// Set the issuer list advertised to the peer.
    virtual void setIssuerList(const QList<CertificateInfoOrdered> &issuerList) = 0;

    /// Set the local certificate chain and private key.
    virtual void setCertificate(const CertificateChain &cert, const PrivateKey &key) = 0;

    /// Set the session to resume.
    virtual void setSessionId(const TLSSessionContext &id) = 0;

    /// Begin an orderly shutdown of the connection.
    virtual void shutdown() = 0;

    /// Set the maximum transmission unit (has an out-of-line default).
    virtual void setMTU(int size);

    /// Start the handshake.
    virtual void start() = 0;

    /// Feed data received from the network and data from the application.
    virtual void update(const QByteArray &from_net, const QByteArray &from_app) = 0;

    /// Block up to @p msecs for results; @return false on timeout.
    virtual bool waitForResultsReady(int msecs) = 0;

    /// Returns the result of the last round.
    virtual Result result() const = 0;

    /// Returns data to be sent to the network.
    virtual QByteArray to_net() = 0;

    /// Returns how many application bytes were consumed into to_net().
    virtual int encoded() const = 0;

    /// Returns decrypted data for the application.
    virtual QByteArray to_app() = 0;

    /// Returns true once the peer has closed the connection.
    virtual bool eof() const = 0;

    /// Returns true once a client hello has been received.
    virtual bool clientHelloReceived() const = 0;

    /// Returns true once a server hello has been received.
    virtual bool serverHelloReceived() const = 0;

    /// Returns the host name the peer asked for.
    virtual QString hostName() const = 0;

    /// Returns true if the server requested a client certificate.
    virtual bool certificateRequested() const = 0;

    /// Returns the validation result of the peer certificate; callers
    /// should refuse the session unless it is valid.
    virtual Validity peerCertificateValidity() const = 0;

    /// Returns details of the negotiated session.
    virtual SessionInfo sessionInfo() const = 0;

    /// Returns network data that was not processed (e.g. after shutdown).
    virtual QByteArray unprocessed() = 0;

Q_SIGNALS:
    /// Emitted when a DTLS retransmission timer fires.
    void dtlsTimeout();
};
2490 
/**
 * SASL provider.
 *
 * NOTE(review): enum Result lost the enumerators before Continue and the
 * Q_SIGNALS section lost its declaration in this rendering.
 */
class QCA_EXPORT SASLContext : public Provider::Context
{
    Q_OBJECT
public:
    /// Network address and port pair used for channel setup.
    class HostPort
    {
    public:
        /// The host address.
        QString addr;

        /// The port.
        quint16 port;
    };

    /// Outcome of the last step.
    enum Result
    {
        Continue
    };

    /// Standard constructor; registers the context under the type "sasl".
    SASLContext(Provider *p) : Provider::Context(p, QStringLiteral("sasl")) {}

    /// Reset the object to its initial state.
    virtual void reset() = 0;

    /// Prepare the object: service and host names, optional local/remote
    /// endpoints, and an external id / SSF already established (e.g. by TLS).
    virtual void setup(const QString &service, const QString &host, const HostPort *local, const HostPort *remote, const QString &ext_id, int ext_ssf) = 0;

    /// Constrain mechanism selection by flags and security strength range.
    virtual void setConstraints(SASL::AuthFlags f, int minSSF, int maxSSF) = 0;

    /// Begin client-side authentication over @p mechlist.
    virtual void startClient(const QStringList &mechlist, bool allowClientSendFirst) = 0;

    /// Begin server-side authentication for @p realm.
    virtual void startServer(const QString &realm, bool disableServerSendLast) = 0;

    /// Server: process the client's chosen @p mech and optional initial data.
    virtual void serverFirstStep(const QString &mech, const QByteArray *clientInit) = 0;

    /// Process the next authentication step received from the network.
    virtual void nextStep(const QByteArray &from_net) = 0;

    /// Retry the current step (after client parameters were supplied).
    virtual void tryAgain() = 0;

    /// Feed post-authentication data from the network and the application.
    virtual void update(const QByteArray &from_net, const QByteArray &from_app) = 0;

    /// Block up to @p msecs for results; @return false on timeout.
    virtual bool waitForResultsReady(int msecs) = 0;

    /// Returns the result of the last step.
    virtual Result result() const = 0;

    /// Returns the mechanisms offered.
    virtual QStringList mechlist() const = 0;

    /// Returns the mechanism in use.
    virtual QString mech() const = 0;

    /// Returns true if there is client-initial data to send.
    virtual bool haveClientInit() const = 0;

    /// Returns the data for the current step.
    virtual QByteArray stepData() const = 0;

    /// Returns data to be sent to the network.
    virtual QByteArray to_net() = 0;

    /// Returns how many application bytes were consumed into to_net().
    virtual int encoded() const = 0;

    /// Returns decoded data for the application.
    virtual QByteArray to_app() = 0;

    /// Returns the negotiated security strength factor.
    virtual int ssf() const = 0;

    /// Returns the reason authentication failed.
    virtual SASL::AuthCondition authCondition() const = 0;

    /// Returns which client parameters are needed.
    virtual SASL::Params clientParams() const = 0;

    /// Supply client parameters; null pointers leave a value unset.
    /// The password travels as a SecureArray, not a QString.
    virtual void setClientParams(const QString *user, const QString *authzid, const SecureArray *pass, const QString *realm) = 0;

    /// Returns the realms available.
    virtual QStringList realmlist() const = 0;

    /// Returns the authenticated user name.
    virtual QString username() const = 0;

    /// Returns the authorization id.
    virtual QString authzid() const = 0;

Q_SIGNALS:
};
2791 
/**
 * SecureMessage provider.
 *
 * NOTE(review): the enum whose body opens below lost its name line
 * (start() takes an `Operation`, so that is presumably it) and the
 * enumerators before SignAndEncrypt; a declaration between hashName() and
 * diagnosticText() is also absent from this rendering.
 */
class QCA_EXPORT MessageContext : public Provider::Context
{
    Q_OBJECT
public:
    {
        SignAndEncrypt
    };

    /// Standard constructor.
    MessageContext(Provider *p, const QString &type) : Provider::Context(p, type) {}

    /// Returns true if the provider can sign with more than one key.
    virtual bool canSignMultiple() const = 0;

    /// Returns the message type handled.
    virtual SecureMessage::Type type() const = 0;

    /// Reset the object to its initial state.
    virtual void reset() = 0;

    /// Prepare to encrypt to @p keys.
    virtual void setupEncrypt(const SecureMessageKeyList &keys) = 0;

    /// Prepare to sign with @p keys in mode @p m.
    virtual void setupSign(const SecureMessageKeyList &keys, SecureMessage::SignMode m, bool bundleSigner, bool smime) = 0;

    /// Prepare to verify, with an optional detached signature.
    virtual void setupVerify(const QByteArray &detachedSig) = 0;

    /// Begin the operation @p op in format @p f.
    virtual void start(SecureMessage::Format f, Operation op) = 0;

    /// Feed input data.
    virtual void update(const QByteArray &in) = 0;

    /// Read output produced so far.
    virtual QByteArray read() = 0;

    /// Returns how many input bytes have been consumed.
    virtual int written() = 0;

    /// Signal end of input.
    virtual void end() = 0;

    /// Returns true once the operation has completed.
    virtual bool finished() const = 0;

    /// Block up to @p msecs for completion; @return false on timeout.
    virtual bool waitForFinished(int msecs) = 0;

    /// Returns whether the operation succeeded; for verification this is the
    /// verdict and must be checked.
    virtual bool success() const = 0;

    /// Returns the error, if success() is false.
    virtual SecureMessage::Error errorCode() const = 0;

    /// Returns the (detached) signature produced.
    virtual QByteArray signature() const = 0;

    /// Returns the name of the hash used.
    virtual QString hashName() const = 0;

    /// Returns provider diagnostics (has an out-of-line default).
    virtual QString diagnosticText() const;

Q_SIGNALS:
    /// Emitted when new output or a state change is available.
    void updated();
};
2976 
/**
 * SecureMessageSystem provider.
 *
 * The three setters are non-pure with out-of-line defaults.
 * NOTE(review): the declaration after setPrivateKeys() is missing from this
 * rendering.
 */
class QCA_EXPORT SMSContext : public BasicContext
{
    Q_OBJECT
public:
    /// Standard constructor.
    SMSContext(Provider *p, const QString &type) : BasicContext(p, type) {}

    /// Set the certificates trusted for verification.
    virtual void setTrustedCertificates(const CertificateCollection &trusted);

    /// Set additional, untrusted certificates (e.g. intermediates).
    virtual void setUntrustedCertificates(const CertificateCollection &untrusted);

    /// Set the private keys available for decryption and signing.
    virtual void setPrivateKeys(const QList<SecureMessageKey> &keys);
};
3038 
3039 }
3040 #endif
3041 
3042 #endif
virtual QStringList supportedCipherTypes() const
The cipher algorithms supported by the provider.
Container for initialisation vectors and nonces.
Definition: qca_core.h:1298
Key derivation function provider.
Definition: qcaprovider.h:345
virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, unsigned int keyLength, int msecInterval, unsigned int *iterationCount)=0
Create a key and return it.
KDFContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:354
virtual SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, unsigned int keyLength, unsigned int iterationCount)=0
Create a key and return it.
Certificate chain and private key pair.
Definition: qca_cert.h:2136
Simple container for acceptable key lengths.
Definition: qca_core.h:701
KeyStoreEntry provider.
Definition: qcaprovider.h:1778
virtual QString storeId() const =0
Returns the id of the store that contains this entry.
virtual bool isAvailable() const
Returns true if the private key of this entry is present for use.
virtual QString serialize() const =0
Serialize the information about this entry.
KeyStoreEntryContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1786
virtual bool ensureAccess()
Attempt to ensure the private key of this entry is usable and accessible, potentially prompting the u...
virtual KeyBundle keyBundle() const
If this entry is of type KeyStoreEntry::TypeKeyBundle, this function returns the KeyBundle of the ent...
virtual QString storeName() const =0
Returns the name of the store that contains this entry.
virtual PGPKey pgpPublicKey() const
If this entry is of type KeyStoreEntry::TypePGPPublicKey or KeyStoreEntry::TypePGPSecretKey,...
virtual PGPKey pgpSecretKey() const
If this entry is of type KeyStoreEntry::TypePGPSecretKey, this function returns the secret PGPKey of ...
virtual QString id() const =0
Returns the entry id.
virtual CRL crl() const
If this entry is of type KeyStoreEntry::TypeCRL, this function returns the CRL of the entry.
virtual Certificate certificate() const
If this entry is of type KeyStoreEntry::TypeCertificate, this function returns the Certificate of the...
virtual QString name() const =0
Returns the name of this entry.
virtual KeyStoreEntry::Type type() const =0
Returns the entry type.
Type
The type of entry in the KeyStore.
Definition: qca_keystore.h:147
KeyStore provider.
Definition: qcaprovider.h:1883
virtual KeyStoreEntryContext * entryPassive(const QString &serialized)
Returns a single entry, created from the serialization string of a previous entry (using KeyStoreEntr...
void busyEnd()
Emit this to leave the busy state.
virtual QString writeEntry(int id, const Certificate &cert)
Write a Certificate to the store.
virtual QString writeEntry(int id, const KeyBundle &kb)
Write a KeyBundle to the store.
void updated()
Indicates the list of keystores has changed, and that QCA should call keyStores() to obtain the lates...
virtual KeyStore::Type type(int id) const =0
Returns the type of the specified store, or -1 if the integer context id is invalid.
virtual QList< int > keyStores()=0
Returns a list of integer context ids, each representing a keystore instance.
virtual bool removeEntry(int id, const QString &entryId)
Remove an entry from the store.
virtual QList< KeyStoreEntry::Type > entryTypes(int id) const =0
Returns the types supported by the store, or an empty list if the integer context id is invalid.
virtual KeyStoreEntryContext * entry(int id, const QString &entryId)
Returns a single entry in the store, if the entry id is already known.
void storeUpdated(int id)
Indicates that the entry list of a keystore has changed (entries added, removed, or modified)
void diagnosticText(const QString &str)
Emitted when there is diagnostic text to report.
void busyStart()
Emit this when the provider is busy looking for keystores.
KeyStoreListContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1891
virtual void setUpdatesEnabled(bool enabled)
Enables or disables update events.
virtual bool isReadOnly(int id) const
Returns true if the store is read-only.
virtual QList< KeyStoreEntryContext * > entryList(int id)=0
Returns the entries of the store, or an empty list if the integer context id is invalid.
virtual void start()
Starts the keystore provider.
virtual QString storeId(int id) const =0
Returns the string id of the store, or an empty string if the integer context id is invalid.
virtual QString writeEntry(int id, const CRL &crl)
Write a CRL to the store.
virtual QString writeEntry(int id, const PGPKey &key)
Write a PGPKey to the store.
virtual QString name(int id) const =0
Returns the friendly name of the store, or an empty string if the integer context id is invalid.
Type
The type of keystore.
Definition: qca_keystore.h:424
Message authentication code provider.
Definition: qcaprovider.h:284
KeyLength anyKeyLength() const
Returns a KeyLength that supports any length.
Definition: qcaprovider.h:324
virtual void setup(const SymmetricKey &key)=0
Set up the object for hashing.
virtual KeyLength keyLength() const =0
Returns the KeyLength for this MAC algorithm.
MACContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:292
virtual void update(const MemoryRegion &in)=0
Process a chunk of data.
Array of bytes that may be optionally secured.
Definition: qca_tools.h:91
SecureMessage provider.
Definition: qcaprovider.h:2804
virtual QByteArray read()=0
Extract output from the message operation.
virtual void start(SecureMessage::Format f, Operation op)=0
Begins the secure message operation.
virtual QString diagnosticText() const
Returns any diagnostic text for the operation, potentially useful to show the user in the event the o...
Operation
The type of operation being performed.
Definition: qcaprovider.h:2811
@ Verify
Verify operation.
Definition: qcaprovider.h:2815
@ Sign
Sign operation.
Definition: qcaprovider.h:2814
@ Decrypt
Decrypt (or Decrypt and Verify) operation.
Definition: qcaprovider.h:2813
@ Encrypt
Encrypt operation.
Definition: qcaprovider.h:2812
virtual void setupEncrypt(const SecureMessageKeyList &keys)=0
Configure a new encrypting operation.
virtual int written()=0
Returns the number of input bytes accepted since the last call to update()
virtual void setupVerify(const QByteArray &detachedSig)=0
Configure a new verify operation.
virtual QString hashName() const =0
Returns the name of the hash used to generate the signature, in the case of a signature operation.
virtual bool success() const =0
Returns true if the operation was successful.
virtual void setupSign(const SecureMessageKeyList &keys, SecureMessage::SignMode m, bool bundleSigner, bool smime)=0
Configure a new signing operation.
MessageContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:2825
virtual bool finished() const =0
Returns true if the operation has finished, otherwise false.
virtual void update(const QByteArray &in)=0
Provide input to the message operation.
void updated()
Emitted when there is data to read, if input data has been accepted, or if the operation has finished...
virtual SecureMessage::Error errorCode() const =0
Returns the reason for failure, if the operation was not successful.
virtual QByteArray signature() const =0
Returns the signature, in the case of a detached signature operation.
virtual void end()=0
Indicates the end of input.
virtual void reset()=0
Reset the object to its initial state.
virtual SecureMessageSignatureList signers() const =0
Returns a list of signatures, in the case of a verify or decrypt and verify operation.
virtual bool waitForFinished(int msecs)=0
Waits for the secure message operation to complete.
virtual bool canSignMultiple() const =0
Returns true if the provider supports multiple signers for signature creation or signature verificati...
virtual SecureMessage::Type type() const =0
The type of secure message (e.g.
OpenPGP key properties.
Definition: qcaprovider.h:1661
bool isTrusted
True if this key is trusted (e.g.
Definition: qcaprovider.h:1706
bool inKeyring
True if this key is in a keyring (and thus usable), otherwise false.
Definition: qcaprovider.h:1700
QStringList userIds
List of user id strings for the key, the first one being the primary user id.
Definition: qcaprovider.h:1672
QDateTime creationDate
The time the key was created.
Definition: qcaprovider.h:1682
QString fingerprint
The hex fingerprint of the key.
Definition: qcaprovider.h:1694
QDateTime expirationDate
The time the key expires.
Definition: qcaprovider.h:1687
QString keyId
The key id.
Definition: qcaprovider.h:1666
bool isSecret
True if this key is a secret key, otherwise false.
Definition: qcaprovider.h:1677
OpenPGP key provider.
Definition: qcaprovider.h:1720
virtual QString toAscii() const =0
Convert the key to ASCII-armored format, and return the value.
PGPKeyContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1728
virtual QByteArray toBinary() const =0
Convert the key to binary format, and return the value.
virtual ConvertResult fromBinary(const QByteArray &a)=0
Read binary input and convert it into a key.
virtual ConvertResult fromAscii(const QString &s)=0
Read ASCII-armored input and convert it into a key.
virtual const PGPKeyContextProps * props() const =0
Returns a pointer to the properties of this key.
Pretty Good Privacy key.
Definition: qca_cert.h:2361
PKCS#12 provider.
Definition: qcaprovider.h:1609
PKCS12Context(Provider *p)
Standard constructor.
Definition: qcaprovider.h:1617
virtual QByteArray toPKCS12(const QString &name, const QList< const CertContext * > &chain, const PKeyContext &priv, const SecureArray &passphrase) const =0
Create PKCS#12 DER output based on a set of input items.
virtual ConvertResult fromPKCS12(const QByteArray &in, const SecureArray &passphrase, QString *name, QList< CertContext * > *chain, PKeyContext **priv) const =0
Read PKCS#12 DER input and convert it into a set of output items.
Public key implementation provider base.
Definition: qcaprovider.h:492
virtual bool isNull() const =0
Returns true if this object is not valid.
virtual PKey::Type type() const =0
Returns the type of public key.
virtual void convertToPublic()=0
If the key is a private key, this function will convert it into a public key (all private key data in...
virtual bool isPrivate() const =0
Returns true if this is a private key, otherwise false.
virtual int bits() const =0
Returns the number of bits in the key.
virtual void update(const MemoryRegion &in)
Process the plaintext input data for either signing or verifying, whichever operation is active.
virtual bool decrypt(const SecureArray &in, SecureArray *out, EncryptionAlgorithm alg)
Decrypt data.
PKeyBase(Provider *p, const QString &type)
Standard constructor.
virtual SymmetricKey deriveKey(const PKeyBase &theirs)
Compute a symmetric key based on this private key and some other public key.
void finished()
Emitted when an asynchronous operation completes on this key.
virtual int maximumEncryptSize(EncryptionAlgorithm alg) const
Returns the maximum number of bytes that can be encrypted by this key.
virtual bool endVerify(const QByteArray &sig)
Complete a verify operation, and return true if successful.
virtual QByteArray endSign()
Complete a signing operation, and return the signature value.
virtual void startVerify(SignatureAlgorithm alg, SignatureFormat format)
Begin a verify operation.
virtual SecureArray encrypt(const SecureArray &in, EncryptionAlgorithm alg)
Encrypt data.
virtual bool canExport() const =0
Returns true if the components of this key are accessible and whether it can be serialized into an ou...
virtual void startSign(SignatureAlgorithm alg, SignatureFormat format)
Begin a signing operation.
Public key container provider.
Definition: qcaprovider.h:865
virtual ConvertResult privateFromPEM(const QString &s, const SecureArray &passphrase)
Read PEM-formatted input and convert it into a private key.
virtual ConvertResult publicFromPEM(const QString &s)
Read PEM-formatted input and convert it into a public key.
virtual const PKeyBase * key() const =0
Returns the key held by this object, or 0 if there is no key.
PKeyContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:873
virtual bool importKey(const PKeyBase *key)=0
Attempt to import a key from another provider.
virtual PKeyBase * key()=0
Returns the key held by this object, or 0 if there is no key.
virtual QList< PBEAlgorithm > supportedPBEAlgorithms() const =0
Returns a list of password-based encryption algorithms that are supported for private key serializati...
virtual void setKey(PKeyBase *key)=0
Sets the key for this object.
virtual ConvertResult privateFromDER(const SecureArray &a, const SecureArray &passphrase)
Read DER-formatted input and convert it into a private key.
virtual QList< PKey::Type > supportedTypes() const =0
Returns a list of supported public key types.
virtual QByteArray publicToDER() const
Convert a public key to DER format, and return the value.
virtual ConvertResult publicFromDER(const QByteArray &a)
Read DER-formatted input and convert it into a public key.
virtual QString publicToPEM() const
Convert a public key to PEM format, and return the value.
virtual SecureArray privateToDER(const SecureArray &passphrase, PBEAlgorithm pbe) const
Convert a private key to DER format, and return the value.
virtual QList< PKey::Type > supportedIOTypes() const =0
Returns a list of public key types that can be serialized and deserialized into DER and PEM format.
virtual QString privateToPEM(const SecureArray &passphrase, PBEAlgorithm pbe) const
Convert a private key to PEM format, and return the value.
Type
Types of public key cryptography keys supported by QCA.
Definition: qca_publickey.h:255
Generic private key.
Definition: qca_publickey.h:827
Internal context class used for the plugin.
Algorithm provider.
Definition: qca_core.h:753
RSA provider.
Definition: qcaprovider.h:636
virtual BigInteger e() const =0
Returns the public E component of this RSA key.
virtual BigInteger n() const =0
Returns the public N component of this RSA key.
virtual BigInteger p() const =0
Returns the private P component of this RSA key.
RSAContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:644
virtual void createPublic(const BigInteger &n, const BigInteger &e)=0
Create an RSA public key based on the two public components.
virtual BigInteger d() const =0
Returns the private D component of this RSA key.
virtual BigInteger q() const =0
Returns the private Q component of this RSA key.
virtual void createPrivate(const BigInteger &n, const BigInteger &e, const BigInteger &p, const BigInteger &q, const BigInteger &d)=0
Create an RSA private key based on the five components.
virtual void createPrivate(int bits, int exp, bool block)=0
Generate an RSA private key.
Random provider.
Definition: qcaprovider.h:148
RandomContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:156
virtual SecureArray nextBytes(int size)=0
Return an array of random bytes.
Convenience class to hold an IP address and an associated port.
Definition: qcaprovider.h:2515
quint16 port
The port.
Definition: qcaprovider.h:2525
QString addr
The IP address.
Definition: qcaprovider.h:2520
SASL provider.
Definition: qcaprovider.h:2502
virtual void serverFirstStep(const QString &mech, const QByteArray *clientInit)=0
Finishes server startup.
virtual QByteArray to_net()=0
Returns data that should be sent across the network (for the security layer)
virtual SASL::AuthCondition authCondition() const =0
Returns the reason for failure, if the authentication was not successful.
virtual QString authzid() const =0
Returns the authzid attempting to authorize (server mode only)
virtual void setup(const QString &service, const QString &host, const HostPort *local, const HostPort *remote, const QString &ext_id, int ext_ssf)=0
Configure a new session.
virtual QString username() const =0
Returns the username attempting to authenticate (server mode only)
virtual int encoded() const =0
Returns the number of bytes of plaintext data that is encoded inside of to_net()
virtual void startServer(const QString &realm, bool disableServerSendLast)=0
Begins the session in server mode, starting with the authentication.
virtual void tryAgain()=0
Attempt the most recent operation again.
virtual SASL::Params clientParams() const =0
Returns the needed/optional client parameters.
virtual QByteArray stepData() const =0
Returns an authentication payload to be transmitted over the network.
SASLContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:2545
virtual QString mech() const =0
Returns the mechanism selected.
void resultsReady()
Emit this when a startClient(), startServer(), serverFirstStep(), nextStep(), tryAgain(),...
virtual bool waitForResultsReady(int msecs)=0
Waits for a startClient(), startServer(), serverFirstStep(), nextStep(), tryAgain(),...
virtual QStringList mechlist() const =0
Returns the mechanism list (server mode only)
virtual bool haveClientInit() const =0
Returns true if the client has initialization data.
virtual int ssf() const =0
Returns the SSF of the active SASL session.
virtual QByteArray to_app()=0
Returns data that is decoded from the network and should be processed by the application.
virtual void setClientParams(const QString *user, const QString *authzid, const SecureArray *pass, const QString *realm)=0
Set some of the client parameters (pass 0 to not set a field)
virtual void reset()=0
Reset the object to its initial state.
virtual QStringList realmlist() const =0
Returns the realm list (client mode only)
virtual void update(const QByteArray &from_net, const QByteArray &from_app)=0
Performs one iteration of the SASL security layer processing.
virtual Result result() const =0
Returns the result code of an operation.
virtual void startClient(const QStringList &mechlist, bool allowClientSendFirst)=0
Begins the session in client mode, starting with the authentication.
Result
Result of a SASL operation.
Definition: qcaprovider.h:2532
@ Params
Parameters are needed to complete authentication.
Definition: qcaprovider.h:2535
@ Success
Operation completed.
Definition: qcaprovider.h:2533
@ Error
Operation failed.
Definition: qcaprovider.h:2534
@ AuthCheck
Client login can be inspected (server only)
Definition: qcaprovider.h:2536
virtual void nextStep(const QByteArray &from_net)=0
Perform another step of the SASL authentication.
virtual void setConstraints(SASL::AuthFlags f, int minSSF, int maxSSF)=0
Set the constraints of the session using SSF values.
Parameter flags for the SASL authentication.
Definition: qca_securelayer.h:907
AuthCondition
Possible authentication error states.
Definition: qca_securelayer.h:849
AuthFlags
Authentication requirement flag values.
Definition: qca_securelayer.h:868
SecureMessageSystem provider.
Definition: qcaprovider.h:2989
virtual void setTrustedCertificates(const CertificateCollection &trusted)
Set the trusted certificates for this secure message system, to be used for validation.
SMSContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:2998
virtual MessageContext * createMessage()=0
Create a new message object for this system.
virtual void setUntrustedCertificates(const CertificateCollection &untrusted)
Set the untrusted certificates and CRLs for this secure message system, to be used for validation.
virtual void setPrivateKeys(const QList< SecureMessageKey > &keys)
Set the private keys for this secure message system, to be used for decryption.
Secure array of bytes.
Definition: qca_tools.h:317
Type
The type of secure message.
Definition: qca_securemessage.h:328
Error
Errors for secure messages.
Definition: qca_securemessage.h:356
SignMode
The type of message signature.
Definition: qca_securemessage.h:337
Format
Formats for secure messages.
Definition: qca_securemessage.h:347
Container for keys for symmetric encryption algorithms.
Definition: qca_core.h:1252
Information about an active TLS connection.
Definition: qcaprovider.h:2156
QString cipherSuite
The cipher suite being used for this connection.
Definition: qcaprovider.h:2173
int cipherBits
The bit size of the cipher used for this connection.
Definition: qcaprovider.h:2178
bool isCompressed
True if the TLS connection is compressed, otherwise false.
Definition: qcaprovider.h:2161
TLSSessionContext * id
Pointer to the id of this TLS session, for use with resuming.
Definition: qcaprovider.h:2190
TLS::Version version
The TLS protocol version being used for this connection.
Definition: qcaprovider.h:2166
int cipherMaxBits
The maximum bit size possible of the cipher used for this connection.
Definition: qcaprovider.h:2184
TLS provider.
Definition: qcaprovider.h:2143
virtual void setCertificate(const CertificateChain &cert, const PrivateKey &key)=0
Set the local certificate.
virtual Validity peerCertificateValidity() const =0
Returns the QCA::Validity of the peer certificate.
virtual SessionInfo sessionInfo() const =0
Returns information about the active TLS session.
virtual QByteArray to_net()=0
Returns data that should be sent across the network.
virtual int maxSSF() const =0
Returns the maximum SSF supported by this provider.
virtual QByteArray to_app()=0
Returns data that is decoded from the network and should be processed by the application.
virtual bool clientHelloReceived() const =0
Returns true if the TLS client hello has been received.
virtual Result result() const =0
Returns the result code of an operation.
virtual int encoded() const =0
Returns the number of bytes of plaintext data that is encoded inside of to_net()
virtual void setConstraints(const QStringList &cipherSuiteList)=0
This is an overloaded member function, provided for convenience. It differs from the above function o...
virtual void update(const QByteArray &from_net, const QByteArray &from_app)=0
Performs one iteration of the TLS session processing.
virtual bool serverHelloReceived() const =0
Returns true if the TLS server hello has been received.
Result
Result of a TLS operation.
Definition: qcaprovider.h:2197
@ Success
Operation completed.
Definition: qcaprovider.h:2198
@ Error
Operation failed.
Definition: qcaprovider.h:2199
virtual void setSessionId(const TLSSessionContext &id)=0
Set the TLS session id, for session resuming.
virtual bool canCompress() const =0
Returns true if the provider supports compression.
void resultsReady()
Emit this when a start() or update() operation has completed.
virtual void reset()=0
Reset the object to its initial state.
virtual void start()=0
Begins the session, starting with the handshake.
virtual QList< CertificateInfoOrdered > issuerList() const =0
Returns the issuer list sent by the server (client mode only)
virtual QString hostName() const =0
Returns the host name sent by the client using server name indication (server mode only)
virtual void setTrustedCertificates(const CertificateCollection &trusted)=0
Set the list of trusted certificates.
virtual void setIssuerList(const QList< CertificateInfoOrdered > &issuerList)=0
Set the list of acceptable issuers.
virtual void setConstraints(int minSSF, int maxSSF)=0
Set the constraints of the session using SSF values.
virtual void setMTU(int size)
Set the maximum transmission unit size.
virtual bool waitForResultsReady(int msecs)=0
Waits for a start() or update() operation to complete.
virtual QStringList supportedCipherSuites(const TLS::Version &version) const =0
Returns a list of supported cipher suites for the specified SSL/TLS version.
virtual bool certificateRequested() const =0
Returns true if the peer is requesting a certificate.
virtual CertificateChain peerCertificateChain() const =0
Returns the peer certificate chain.
virtual bool canSetHostName() const =0
Returns true if the provider supports server name indication.
virtual QByteArray unprocessed()=0
Returns any unprocessed network input data.
virtual void setup(bool serverMode, const QString &hostName, bool compress)=0
Configure a new session.
void dtlsTimeout()
Emit this to force the application to call update(), even with empty arguments.
virtual bool eof() const =0
Returns true if the peer has closed the stream.
TLSContext(Provider *p, const QString &type)
Standard constructor.
Definition: qcaprovider.h:2209
virtual void shutdown()=0
Sets the session to the shutdown state.
TLS "session" provider.
Definition: qcaprovider.h:2121
TLSSessionContext(Provider *p)
Standard constructor.
Definition: qcaprovider.h:2129
Version
Version of TLS or SSL.
Definition: qca_securelayer.h:306
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:41
UsageMode
Specify the intended usage of a certificate.
Definition: qca_cert.h:476
DLGroupSet
Well known discrete logarithm group sets.
Definition: qca_publickey.h:134
CertificateRequestFormat
Certificate Request Format.
Definition: qca_cert.h:55
QList< ConstraintType > Constraints
Certificate constraints type.
Definition: qca_cert.h:582
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:490
EncryptionAlgorithm
Encryption algorithms.
Definition: qca_publickey.h:55
PBEAlgorithm
Password-based encryption.
Definition: qca_publickey.h:102
Direction
Direction settings for symmetric algorithms.
Definition: qca_core.h:141
ValidateFlags
The conditions to validate for a certificate.
Definition: qca_cert.h:509
ConvertResult
Return value from a format conversion.
Definition: qca_publickey.h:118
SignatureAlgorithm
Signature algorithm variants.
Definition: qca_publickey.h:74
SignatureFormat
Signature formats (DSA only)
Definition: qca_publickey.h:92
Header file for classes for cryptographic primitives (basic operations).
Header file for PGP key and X.509 certificate related classes.
Header file for core QCA infrastructure.
Header file for classes that provide and manage keys.
Header file for PublicKey and PrivateKey related classes.
Header file for SecureLayer and its subclasses.
Header file for secure message (PGP, CMS) classes.