path: root/src/tqcaprovider.h
blob: b57cc611b6be7a51cfe1a3c0059417cb654836db (plain)
/*
 * tqcaprovider.h - TQCA Plugin API
 * Copyright (C) 2003  Justin Karneges
 * Copyright (C) 2010-2020  TDE Team
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 *
 */

#ifndef TQCAPROVIDER_H
#define TQCAPROVIDER_H

#include <tqglobal.h>
#include <tqstring.h>
#include <tqdatetime.h>
#include <tqobject.h>
#include <tqhostaddress.h>
#include "tqca.h"

// Version of this plugin API. A provider's qcaVersion() is presumably
// checked against this value when the plugin is loaded — confirm in the loader.
#define TQCA_PLUGIN_VERSION 1

// Entry point implemented by a TQCA plugin: reports the plugin API version
// and the capabilities it offers, and hands out one context object per
// capability (TQCA_HashContext, TQCA_CipherContext, ... below).
class TQCAProvider
{
public:
	TQCAProvider() {}
	virtual ~TQCAProvider() {}

	// Provider-specific setup; presumably called once before any other method.
	virtual void init()=0;
	// Plugin API version the provider was built against (compare with TQCA_PLUGIN_VERSION).
	virtual int qcaVersion() const=0;
	// Capabilities this provider implements; presumably a bitmask of the
	// capability flags declared in tqca.h — confirm.
	virtual int capabilities() const=0;
	// Creates a context object for capability 'cap'. Returned as void*, so the
	// caller must cast to the context class matching 'cap'.
	// NOTE(review): ownership of the returned object is not expressed by this
	// signature — confirm whether the caller is expected to delete it.
	virtual void *context(int cap)=0;
};

// Incremental message-digest context provided by a plugin.
class TQCA_HashContext
{
public:
	virtual ~TQCA_HashContext() {}

	// Returns a copy of this context, including any data hashed so far;
	// the returned object is presumably owned by the caller — confirm.
	virtual TQCA_HashContext *clone()=0;
	// Discards accumulated state so a new digest can be computed.
	virtual void reset()=0;
	// Feeds 'len' bytes starting at 'in' into the digest; 'in' must point to
	// at least 'len' readable bytes (no NUL terminator is required).
	virtual void update(const char *in, unsigned int len)=0;
	// Finishes the computation and writes the digest into *out.
	virtual void final(TQByteArray *out)=0;
};

// Symmetric cipher context provided by a plugin. Key and IV buffers are
// passed as raw char pointers, so buffer sizing is the caller's responsibility.
class TQCA_CipherContext
{
public:
	virtual ~TQCA_CipherContext() {}

	// Returns a copy of this context; presumably owned by the caller — confirm.
	virtual TQCA_CipherContext *clone()=0;
	// Key length and block length of the cipher (presumably in bytes — confirm).
	virtual int keySize()=0;
	virtual int blockSize()=0;
	// Writes a fresh random key into 'out'. With keysize == -1 the cipher's
	// default keySize() is presumably used; 'out' must be large enough for
	// the resulting key — no length is passed, so this cannot be checked here.
	virtual bool generateKey(char *out, int keysize=-1)=0;
	// Writes a fresh random IV into 'out'; 'out' presumably needs blockSize() bytes.
	virtual bool generateIV(char *out)=0;

	// Prepares the context. 'dir' selects encrypt/decrypt, 'mode' the cipher
	// mode (values presumably defined in tqca.h — confirm), 'key' supplies
	// 'keysize' bytes of key material, 'pad' enables padding. 'iv' carries no
	// length, so the provider presumably reads blockSize() bytes from it.
	// NOTE(review): nothing here prevents IV reuse; the caller must supply a
	// fresh IV per message for modes that require one.
	virtual bool setup(int dir, int mode, const char *key, int keysize, const char *iv, bool pad)=0;
	// Processes 'len' bytes from 'in'. Only success is reported; the output
	// presumably accumulates inside the context until final() — confirm.
	virtual bool update(const char *in, unsigned int len)=0;
	// Completes the operation and writes the result into *out.
	virtual bool final(TQByteArray *out)=0;
};

// RSA key (public, private, or both) provided by a plugin.
class TQCA_RSAKeyContext
{
public:
	virtual ~TQCA_RSAKeyContext() {}

	// Returns a copy of this key; presumably owned by the caller — confirm.
	virtual TQCA_RSAKeyContext *clone() const=0;
	// True when no key material is loaded.
	virtual bool isNull() const=0;
	// Which halves of the key pair are present.
	virtual bool havePublic() const=0;
	virtual bool havePrivate() const=0;
	// Load a key from 'len' bytes of DER or PEM at 'in'.
	virtual bool createFromDER(const char *in, unsigned int len)=0;
	virtual bool createFromPEM(const char *in, unsigned int len)=0;
	// Load a key from a provider-native object; the type behind the void*
	// is provider-specific and not expressed here.
	virtual bool createFromNative(void *in)=0;
	// Generate a new key pair; 'bits' is presumably the modulus size.
	virtual bool generate(unsigned int bits)=0;
	// Serialise to DER/PEM. With publicOnly == true only the public key is
	// written; otherwise the private key material presumably ends up in *out
	// as well, so callers should treat that buffer accordingly.
	virtual bool toDER(TQByteArray *out, bool publicOnly)=0;
	virtual bool toPEM(TQByteArray *out, bool publicOnly)=0;

	// Public-key encrypt / private-key decrypt of 'in' into *out. 'oaep'
	// selects OAEP padding; when false the padding is presumably PKCS#1 v1.5
	// — confirm in the provider. OAEP is the safer choice for new callers.
	virtual bool encrypt(const TQByteArray &in, TQByteArray *out, bool oaep)=0;
	virtual bool decrypt(const TQByteArray &in, TQByteArray *out, bool oaep)=0;
};

// One name/value entry of a certificate's subject or issuer
// (see TQCA_CertContext::subject() / issuer()).
struct TQCA_CertProperty
{
	TQString var;	// attribute name
	TQString val;	// attribute value
};

// X.509 certificate provided by a plugin.
class TQCA_CertContext
{
public:
	virtual ~TQCA_CertContext() {}

	// Returns a copy of this certificate; presumably owned by the caller — confirm.
	virtual TQCA_CertContext *clone() const=0;
	// True when no certificate is loaded.
	virtual bool isNull() const=0;
	// Load a certificate from 'len' bytes of DER or PEM at 'in'.
	virtual bool createFromDER(const char *in, unsigned int len)=0;
	virtual bool createFromPEM(const char *in, unsigned int len)=0;
	// Serialise to DER/PEM into *out.
	virtual bool toDER(TQByteArray *out)=0;
	virtual bool toPEM(TQByteArray *out)=0;

	// Serial number rendered as text.
	virtual TQString serialNumber() const=0;
	// Subject / issuer as a single string, and as name/value lists.
	virtual TQString subjectString() const=0;
	virtual TQString issuerString() const=0;
	virtual TQValueList<TQCA_CertProperty> subject() const=0;
	virtual TQValueList<TQCA_CertProperty> issuer() const=0;
	// Validity period.
	virtual TQDateTime notBefore() const=0;
	virtual TQDateTime notAfter() const=0;
	// Whether this certificate is issued for 'realHost'. Which name fields
	// are consulted (CN, subject alternative names) is provider-defined and
	// not expressed here — confirm before relying on it for host verification.
	virtual bool matchesAddress(const TQString &realHost) const=0;
};

// TLS engine provided by a plugin. The engine does no I/O itself: the
// caller shuttles bytes between the network and the in/out buffers below.
class TQCA_TLSContext
{
public:
	// Presumably the values returned by handshake() and shutdown() — confirm.
	enum Result { Success, Error, Continue };
	virtual ~TQCA_TLSContext() {}

	// Drops any session state.
	virtual void reset()=0;
	// Begin a client or server session. 'store' presumably holds the trusted
	// certificates used to validate the peer; 'cert' and 'key' are the local
	// certificate and its private key — confirm.
	virtual bool startClient(const TQPtrList<TQCA_CertContext> &store, const TQCA_CertContext &cert, const TQCA_RSAKeyContext &key)=0;
	virtual bool startServer(const TQPtrList<TQCA_CertContext> &store, const TQCA_CertContext &cert, const TQCA_RSAKeyContext &key)=0;

	// Advance the handshake / shutdown with bytes received from the network
	// ('in'); bytes to send back are written to *out. The int is presumably
	// a Result value.
	virtual int handshake(const TQByteArray &in, TQByteArray *out)=0;
	virtual int shutdown(const TQByteArray &in, TQByteArray *out)=0;
	// Protect 'plain' into *to_net; *encoded presumably receives how many
	// plaintext bytes were consumed — confirm.
	virtual bool encode(const TQByteArray &plain, TQByteArray *to_net, int *encoded)=0;
	// Unprotect 'from_net' into *plain; *to_net presumably receives any bytes
	// the engine needs to send in response (e.g. alerts) — confirm.
	virtual bool decode(const TQByteArray &from_net, TQByteArray *plain, TQByteArray *to_net)=0;
	// True once the peer has closed the session.
	virtual bool eof() const=0;
	// Network bytes handed in but not yet consumed by the engine.
	virtual TQByteArray unprocessed()=0;

	// Certificate presented by the peer; ownership of the returned pointer
	// is not expressed here — confirm. validityResult() reports the outcome
	// of validating it (presumably a code defined in tqca.h).
	// NOTE(review): nothing in this interface forces validation; callers are
	// expected to consult validityResult() (and matchesAddress() on the
	// certificate) after the handshake before trusting the session — confirm.
	virtual TQCA_CertContext *peerCertificate() const=0;
	virtual int validityResult() const=0;
};

// One endpoint (address + port) of the connection being authenticated;
// see TQCA_SASLContext::setCoreProps().
struct TQCA_SASLHostPort
{
	TQHostAddress addr;
	TQ_UINT16 port;
};

// Which client parameters the mechanism still needs; each flag matches one
// argument of TQCA_SASLContext::setClientParams().
struct TQCA_SASLNeedParams
{
	bool user, authzid, pass, realm;
};

// SASL authentication context provided by a plugin, usable on either the
// client or the server side. Step methods return an int that is presumably
// one of the Result values below.
class TQCA_SASLContext
{
public:
	enum Result { Success, Error, NeedParams, AuthCheck, Continue };
	virtual ~TQCA_SASLContext() {}

	// common
	// Drops any negotiation state.
	virtual void reset()=0;
	// Service name, host name and the local/remote endpoints. The endpoint
	// pointers may presumably be null when unknown — confirm.
	virtual void setCoreProps(const TQString &service, const TQString &host, TQCA_SASLHostPort *local, TQCA_SASLHostPort *remote)=0;
	// Policy constraints on mechanism selection. By their names: noPlain
	// rejects plaintext-password mechanisms, noActive/noDict those open to
	// active or dictionary attack, noAnon anonymous ones; reqForward,
	// reqCreds and reqMutual require forward secrecy, passed credentials and
	// mutual authentication; ssfMin/ssfMax bound the acceptable security
	// strength; _ext_authid/_ext_ssf describe security already provided by an
	// external layer (e.g. TLS). Exact semantics are provider-defined — confirm.
	virtual void setSecurityProps(bool noPlain, bool noActive, bool noDict, bool noAnon, bool reqForward, bool reqCreds, bool reqMutual, int ssfMin, int ssfMax, const TQString &_ext_authid, int _ext_ssf)=0;
	// Negotiated security strength (presumably an SSF value) and the last error code.
	virtual int security() const=0;
	virtual int errorCond() const=0;

	// init / first step
	// Client: choose from the mechanisms the server offered, then produce the
	// first step; 'allowClientSendFirst' permits an initial client response.
	virtual bool clientStart(const TQStringList &mechlist)=0;
	virtual int clientFirstStep(bool allowClientSendFirst)=0;
	// Server: start for 'realm'/'name'; *mechlist presumably receives the
	// mechanisms to advertise — confirm. 'in' is the client's initial
	// response and is presumably null when none was sent.
	virtual bool serverStart(const TQString &realm, TQStringList *mechlist, const TQString &name)=0;
	virtual int serverFirstStep(const TQString &mech, const TQByteArray *in)=0;

	// get / set params
	// After NeedParams: which values are required, then supply them. A null
	// pointer presumably means "not provided" — confirm.
	virtual TQCA_SASLNeedParams clientParamsNeeded() const=0;
	virtual void setClientParams(const TQString *user, const TQString *authzid, const TQString *pass, const TQString *realm)=0;
	// Authentication and authorization identities as seen by the server.
	virtual TQString username() const=0;
	virtual TQString authzid() const=0;

	// continue steps
	// Feed the peer's next challenge/response; tryAgain() re-runs the current
	// step (presumably after params were supplied or AuthCheck completed).
	virtual int nextStep(const TQByteArray &in)=0;
	virtual int tryAgain()=0;

	// results
	// Selected mechanism, the client's initial response (null if none), and
	// the data to send to the peer for the current step.
	virtual TQString mech() const=0;
	virtual const TQByteArray *clientInit() const=0;
	virtual TQByteArray result() const=0;

	// security layer
	// Protect / unprotect application data once a security layer was negotiated.
	virtual bool encode(const TQByteArray &in, TQByteArray *out)=0;
	virtual bool decode(const TQByteArray &in, TQByteArray *out)=0;
};

#endif